Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-04-04 19:20:58 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

moved headscale to lambda

Browse source
This commit is contained in:
Julien Malka 2023-05-16 19:42:38 +02:00
parent 7038055d60
commit faccadff36
Signed by: Luj
GPG key ID: 6FC74C847011FD83
1 changed files with 40 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
machines/lambda/default.nix
View file

@ -147,6 +147,46 @@ VfXtULncAiEA2gmqdr+ugFz5tvPdKwanroTiMTUMhhCRYVlQlyTApyQ=
]; ];
services.headscale = {
logLevel = "debug";
enable = true;
address = "127.0.0.1";
settings = {
dns_config = {
override_local_dns = false;
magic_dns = false;
nameservers = [
"1.1.1.1"
];
#domains = [ "kms" "julienmalka.me" "luj" ];
restricted_nameservers = {
"kms" = [ "100.100.45.5" ];
"julienmalka.me" = [ "100.100.45.5" ];
"luj" = [ "100.100.45.5" ];
"saumon" = [ "100.100.45.5" ];
};
};
server_url = "https://vpn.saumon.network";
ip_prefixes = [
"100.100.45.0/24"
"fd7a:115c:a1e0::/48"
];
};
};
services.nginx.virtualHosts = {
"vpn.saumon.network" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
};
};
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ 45 ]; ports = [ 45 ];