Remilia: added a reverse proxy for Gitea SSH
This commit is contained in:
96
flake.lock
generated
96
flake.lock
generated
@@ -5,11 +5,11 @@
|
|||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640802000,
|
"lastModified": 1641576265,
|
||||||
"narHash": "sha256-ZiI94Zv/IgW64fqKrtVaQqfUCkn9STvAjgfFmvtqcQ8=",
|
"narHash": "sha256-G4W39k5hdu2kS13pi/RhyTOySAo7rmrs7yMUZRH0OZI=",
|
||||||
"owner": "ryantm",
|
"owner": "ryantm",
|
||||||
"repo": "agenix",
|
"repo": "agenix",
|
||||||
"rev": "c5558c88b2941bf94886dfdede6926b1ba5f5629",
|
"rev": "08b9c96878b2f9974fc8bde048273265ad632357",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -36,11 +36,11 @@
|
|||||||
},
|
},
|
||||||
"emacs": {
|
"emacs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641149178,
|
"lastModified": 1642185505,
|
||||||
"narHash": "sha256-Mt+oT5YZ6G9zHctDKV5pY+3vIdsMmAg0HMvz6rxsIc0=",
|
"narHash": "sha256-J8eDunoleOw+bXn7kVUOraYKkaYai8BahMOvKmi4XXA=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "emacs-overlay",
|
"repo": "emacs-overlay",
|
||||||
"rev": "f3c435a5e5cfa3ce1b2f50ba37b9cacfec4139d9",
|
"rev": "0d01d3b11249a471c80ab2c972646c4c809b8237",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -52,11 +52,11 @@
|
|||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1627913399,
|
"lastModified": 1641205782,
|
||||||
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
|
"narHash": "sha256-4jY7RCWUoZ9cKD8co0/4tFARpWB+57+r1bLLvXNJliY=",
|
||||||
"owner": "edolstra",
|
"owner": "edolstra",
|
||||||
"repo": "flake-compat",
|
"repo": "flake-compat",
|
||||||
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
|
"rev": "b7547d3eed6f32d06102ead8991ec52ab0a4f1a7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -115,11 +115,11 @@
|
|||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641121012,
|
"lastModified": 1642117744,
|
||||||
"narHash": "sha256-svaOMxNMQgFHjcxdmLojOxTxfqSENtnO+S3kb+npIwY=",
|
"narHash": "sha256-/SvxBe/m6JiRSlKIrgD6LQxee9GGewFyq+lsPxoViMY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "8e7a10602d1eb1d242c9d3f9b822203d5751a8c6",
|
"rev": "a5dd5d5f197724f3065fd39c59c7ccea3c8dcb8f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -171,11 +171,11 @@
|
|||||||
},
|
},
|
||||||
"master": {
|
"master": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641155364,
|
"lastModified": 1642192855,
|
||||||
"narHash": "sha256-7OXbMNAVeO5Yn916tADri1UIzl5bU27PjIDSLZB4G9A=",
|
"narHash": "sha256-K3G8uQ03gH23Oy+kTsYRcRYH+UcQN8D+2Ek0/TU2b3E=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "03985162cf0d012b5ebdad5271c26e0cfacd1aa2",
|
"rev": "b17f868724f1a6b9d11c515ac122222852979eba",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -212,11 +212,11 @@
|
|||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "contrib",
|
"dir": "contrib",
|
||||||
"lastModified": 1641106516,
|
"lastModified": 1642128238,
|
||||||
"narHash": "sha256-zx9GDn7rXvqvrQaRiop7Xx8qqSt3FPppVcShmneSqHs=",
|
"narHash": "sha256-nqOpS7qxA0iaCWoZ4zbAHCkg8SCuMlmql399hQbZnik=",
|
||||||
"owner": "neovim",
|
"owner": "neovim",
|
||||||
"repo": "neovim",
|
"repo": "neovim",
|
||||||
"rev": "e42c9065972f93e4666fbd8e06fc56333e9e5d24",
|
"rev": "a88046fe2d0710d1d1132ea544e9dbbbac1af7de",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -232,11 +232,11 @@
|
|||||||
"utils": "utils_3"
|
"utils": "utils_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640904492,
|
"lastModified": 1641594851,
|
||||||
"narHash": "sha256-KrFdQl9sRxfkA18OnfY10+wvcRsExEjl0HHUQH2Di8E=",
|
"narHash": "sha256-aXwbg2PAkmnxmqeh0z+KNwNvJJpzomopmnWtv3qZg9E=",
|
||||||
"owner": "fufexan",
|
"owner": "fufexan",
|
||||||
"repo": "nix-gaming",
|
"repo": "nix-gaming",
|
||||||
"rev": "57f79e1181805df1ec1c6336dca40aee9671cee0",
|
"rev": "94834b0e04d27f3eb7e2832639378697441d44a3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -306,11 +306,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641104204,
|
"lastModified": 1642069818,
|
||||||
"narHash": "sha256-mCjEJNKaeS/BhQQFNSxHfA0/XtujbTAAJpustt1hIxI=",
|
"narHash": "sha256-666w6j8wl/bojfgpp0k58/UJ5rbrdYFbI2RFT2BXbSQ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "28d58b979250ef33f049fe1c74daa50b7515126b",
|
"rev": "46821ea01c8f54d2a20f5a503809abfc605269d7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -320,11 +320,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641104204,
|
"lastModified": 1642069818,
|
||||||
"narHash": "sha256-mCjEJNKaeS/BhQQFNSxHfA0/XtujbTAAJpustt1hIxI=",
|
"narHash": "sha256-666w6j8wl/bojfgpp0k58/UJ5rbrdYFbI2RFT2BXbSQ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "28d58b979250ef33f049fe1c74daa50b7515126b",
|
"rev": "46821ea01c8f54d2a20f5a503809abfc605269d7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -380,11 +380,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_7": {
|
"nixpkgs_7": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641104204,
|
"lastModified": 1642069818,
|
||||||
"narHash": "sha256-mCjEJNKaeS/BhQQFNSxHfA0/XtujbTAAJpustt1hIxI=",
|
"narHash": "sha256-666w6j8wl/bojfgpp0k58/UJ5rbrdYFbI2RFT2BXbSQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "28d58b979250ef33f049fe1c74daa50b7515126b",
|
"rev": "46821ea01c8f54d2a20f5a503809abfc605269d7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -396,11 +396,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_8": {
|
"nixpkgs_8": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640959792,
|
"lastModified": 1641887635,
|
||||||
"narHash": "sha256-zYSR//06FU2TDOpKKj0Hkff6unsxk3NwwNFuB1loU6E=",
|
"narHash": "sha256-kDGpufwzVaiGe5e1sBUBPo9f1YN+nYHJlYqCaVpZTQQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "59bfda72480496f32787cec8c557182738b1bd3f",
|
"rev": "b2737d4980a17cc2b7d600d7d0b32fd7333aca88",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -412,11 +412,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_9": {
|
"nixpkgs_9": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640871638,
|
"lastModified": 1641887635,
|
||||||
"narHash": "sha256-ty6sGnJUQEkCd43At5U3DRQZD7rPARz5VginSW6hZ3k=",
|
"narHash": "sha256-kDGpufwzVaiGe5e1sBUBPo9f1YN+nYHJlYqCaVpZTQQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "5b091d4fbe3b7b7493c3b46fe0842e4b30ea24b3",
|
"rev": "b2737d4980a17cc2b7d600d7d0b32fd7333aca88",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -428,11 +428,11 @@
|
|||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641155785,
|
"lastModified": 1642189610,
|
||||||
"narHash": "sha256-QDnIQ7sfawBaQckDTIQqsSevftrJpxluQUhzX0goWg4=",
|
"narHash": "sha256-aRY1+itF7hArY7q5+2WmPzU9GYp2207rpIM6/d4uBkE=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "9dc87bdd533db31f14bd5fdc4f7fb6aab6a40056",
|
"rev": "8f0e4ae161d56f81e13ddb83ec17cfd702493c3a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -448,11 +448,11 @@
|
|||||||
"nixpkgs": "nixpkgs_9"
|
"nixpkgs": "nixpkgs_9"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641111239,
|
"lastModified": 1642148099,
|
||||||
"narHash": "sha256-w1jUAuVmImMQGhaUY8dNVAxE4SNULI32RqyRX6DXzBo=",
|
"narHash": "sha256-XKXYI+4xov18J1cB2N3t0fEJUEy+8nLkm/J9AMNdRHY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "neovim-nightly-overlay",
|
"repo": "neovim-nightly-overlay",
|
||||||
"rev": "5906176ea9464d9a33c229b124fd713584bcfa57",
|
"rev": "830fc4b7322dce7a0f44b27d057f6823601020a9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -485,11 +485,11 @@
|
|||||||
"nixpkgs": "nixpkgs_10"
|
"nixpkgs": "nixpkgs_10"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641091280,
|
"lastModified": 1642128126,
|
||||||
"narHash": "sha256-atemDjUQXazv/VQvEb7VC6JQ6oe2n7D2r/09qRsbthc=",
|
"narHash": "sha256-av8JUACdrTfQYl/ftZJvKpZEmZfa0avCq7tt5Usdoq0=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "13b6bd69cd0ecf985fba18105a23464c5e76b24a",
|
"rev": "ce4ef6f2d74f2b68f7547df1de22d1b0037ce4ad",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -500,11 +500,11 @@
|
|||||||
},
|
},
|
||||||
"stable": {
|
"stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641046839,
|
"lastModified": 1641870998,
|
||||||
"narHash": "sha256-9XJgfDKU1hhC0E16FxDJe//Utrm79AQxesPhTltwjQ4=",
|
"narHash": "sha256-6HkxR2WZsm37VoQS7jgp6Omd71iw6t1kP8bDbaqCDuI=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d1e59cfc49961e121583abe32e2f3db1550fbcff",
|
"rev": "386234e2a61e1e8acf94dfa3a3d3ca19a6776efb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|||||||
@@ -110,7 +110,7 @@
|
|||||||
Marisa = nixpkgs.lib.nixosSystem {
|
Marisa = nixpkgs.lib.nixosSystem {
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
./hosts/servers/marisa.nix
|
./hosts/marisa
|
||||||
#inputs.mailserver.nixosModules.mailserver
|
#inputs.mailserver.nixosModules.mailserver
|
||||||
{
|
{
|
||||||
nixpkgs.pkgs = self.legacyPackages.aarch64-linux;
|
nixpkgs.pkgs = self.legacyPackages.aarch64-linux;
|
||||||
@@ -124,7 +124,7 @@
|
|||||||
Remilia = nixpkgs.lib.nixosSystem {
|
Remilia = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
./hosts/servers/remilia.nix
|
./hosts/remilia
|
||||||
inputs.mailserver.nixosModules.mailserver
|
inputs.mailserver.nixosModules.mailserver
|
||||||
{
|
{
|
||||||
nixpkgs.pkgs = self.legacyPackages.x86_64-linux;
|
nixpkgs.pkgs = self.legacyPackages.x86_64-linux;
|
||||||
|
|||||||
@@ -11,6 +11,7 @@
|
|||||||
80 81
|
80 81
|
||||||
443 444
|
443 444
|
||||||
993 465 143 25
|
993 465 143 25
|
||||||
|
22001
|
||||||
];
|
];
|
||||||
allowedUDPPorts = [ 17840 ];
|
allowedUDPPorts = [ 17840 ];
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -1,13 +1,14 @@
|
|||||||
{config, pkgs, ...}:
|
{config, pkgs, ...}:
|
||||||
{
|
{
|
||||||
services = {
|
services = {
|
||||||
openssh = { enable = true;
|
openssh = {
|
||||||
|
enable = true;
|
||||||
permitRootLogin = "yes";
|
permitRootLogin = "yes";
|
||||||
};
|
};
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = (pkgs.nginx.overrideAttrs(oa: {
|
package = (pkgs.nginx.overrideAttrs(oa: {
|
||||||
configureFlags = oa.configureFlags ++ [ "--with-mail" "--with-mail_ssl_module" ];
|
configureFlags = oa.configureFlags ++ [ "--with-mail" "--with-mail_ssl_module" "--with-stream" ];
|
||||||
}));
|
}));
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"weirdnatto.in" = {
|
"weirdnatto.in" = {
|
||||||
@@ -27,6 +28,16 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
streamConfig = ''
|
||||||
|
upstream gitea {
|
||||||
|
server 10.55.0.2:22;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 22001;
|
||||||
|
proxy_pass gitea;
|
||||||
|
}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
vault-agent = {
|
vault-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user