James/eve-psr-nix0
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add VaultWarden; update Transmission; reorder allowedTCPPorts

Browse Source
This commit is contained in:
James Eversole 2024-08-07 10:02:50 -05:00
parent afbbe88620
commit aa40c0c5e3
7 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
nix/application/containers.nix
View File

@ -111,18 +111,28 @@
};
transmission = {
image = "haugene/transmission-openvpn:5";
image = "haugene/transmission-openvpn:5.3.1";
ports = [ "9091:9091" ];
volumes = [
"/home/sezycei/srv/scripts/transmission/settings.json:/etc/transmission-daemon/settings.json"
"/etc/localtime:/etc/localtime:ro"
"/home/torrent/data:/data"
"/home/sezycei/srv/scripts/transmission/custom-data:/etc/openvpn/custom"
];
environmentFiles =
[ config.age.secrets.transmission-env.path ];
extraOptions = [ "--cap-add=NET_ADMIN" "--privileged" ];
};
vaultwarden = {
image = "vaultwarden/server:1.31.0";
ports = [ "40080:80" ];
volumes = [
"/home/sezycei/srv/containerdata/bitwarden/data:/data"
];
environmentFiles = [ config.age.secrets.bitwarden-env.path ];
};
};
};
}

1
nix/application/nginx.nix
View File

@ -76,6 +76,7 @@
"jame.su" = static { dir = "/var/www/jame.su"; };
"matri.cx" = static { dir = "/var/www/matri.cx"; };
"media.matri.cx" = proxied { target = "http://127.0.0.1:8096"; };
"pw.eversole.co" = proxied { target = "http://127.0.0.1:40080"; };
"sezycei.com" = static { dir = "/var/www/sezycei.com"; };
"snakebelmont.com" = static { dir = "/var/www/snakebelmont.com"; };
"transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9091"; };

1
nix/system/age.nix
View File

@ -18,6 +18,7 @@
};
keys.file = ../../secrets/keys.age;
miniflux.file = ../../secrets/miniflux.age;
bitwarden-env.file = ../../secrets/bitwarden-env.age;
transmission-env.file = ../../secrets/transmission-env.age;
};
identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

2
nix/system/network.nix
View File

@ -2,7 +2,7 @@
networking = {
hostName = "eve-psr-nix0";
firewall = {
allowedTCPPorts = [ 22 80 443 7860 23231 23232 23233 9418 3000 ];
allowedTCPPorts = [ 22 80 443 3000 7860 9418 23231 23232 23233 ];
allowedUDPPorts = [ 53 1194 ];
trustedInterfaces = [ "tun0" ];
};

1
secrets.nix
View File

@ -13,5 +13,6 @@ in
"secrets/htpasswd-dock.age" = { publicKeys = all; };
"secrets/keys.age" = { publicKeys = all; };
"secrets/miniflux.age" = { publicKeys = all; };
"secrets/bitwarden-env.age" = { publicKeys = all; };
"secrets/transmission-env.age" = { publicKeys = all; };
}

BIN
secrets/bitwarden-env.age Normal file
View File

Binary file not shown.

BIN
secrets/transmission-env.age
View File

Binary file not shown.