Merge branch 'main' of github.com:JulienMalka/nix-config

2025-06-08 10:09:04 +02:00 · 2022-02-26 23:50:12 +01:00 · 2022-02-26 23:50:12 +01:00 · 3a330cd200
commit 3a330cd200
parent 3ea05e0d89 1e24eb44ab
24 changed files with 475 additions and 34 deletions
--- a/machines/lisa/default.nix
+++ b/machines/lisa/default.nix
@ -1,5 +1,4 @@
 { config, lib, pkgs, modulesPath, ... }:
-
 {
  imports =
    [
@ -38,6 +37,7 @@
        subdomain = "docs";
      };
    };
+    homer.enable = true;
    bruit = {
      enable = true;
      nginx = {
@ -76,8 +76,7 @@
  system.stateVersion = "21.11";


-    networking.firewall = {
-    allowedTCPPorts = [ ];
+  networking.firewall = {
    allowedUDPPorts = [ 51820 ];
  };
  networking.nat.enable = true;
@ -126,7 +125,15 @@
          allowedIPs = [ "10.100.0.8/32" ];
          publicKey = "EmWRWnZfr60ekm4ZLdwa6gXU6V3p39p6tWOZ03dL+DA=";
        }
-      ]; 
+        {
+          allowedIPs = [ "10.100.0.9/32" ];
+          publicKey = "z85y4nc+7O7t2I4VqP0SAKJOD46PlkXoEPiuGOBS+SI=";
+        }
+        {
+          allowedIPs = [ "10.100.0.10/32" ];
+          publicKey = "SJ9tflQps1kssFsgVGLhqSSVKNPDspd+5xVMSu/aqk4=";
+        }
+      ];

    };
  };
@ -134,10 +141,13 @@



-
-
-
-
-
+  services.nginx.virtualHosts."jellyfin.mondon.me" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyWebsockets = true;
+      proxyPass = "http://10.100.0.4";
+    };
+  };

 }
--- a/machines/newton/default.nix
+++ b/machines/newton/default.nix
@ -18,6 +18,11 @@ in
      enable = true;
      subdomain = "cloud";
    };
+    paperless = {
+      enable = true;
+      nginx.enable = true;
+      nginx.subdomain = "papers";
+    };
    zfs-mails.enable = true;
    zfs-mails.name = hostName;
    zfs-mails.smart.enable = true;
@ -33,6 +38,25 @@ in
  services.zfs.autoSnapshot.enable = true;
  services.zfs.autoScrub.enable = true;

+
+ networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.100.0.10/24" ];
+      listenPort = 51820;
+      privateKeyFile = "/root/wireguard-keys/private";
+
+      peers = [
+        {
+          allowedIPs = [ "10.100.0.0/24" ];
+          publicKey = "hz+h9Oque5h+Y/WzOUnai3e9UfIfDsvtqmQH0xycIzs=";
+          endpoint = "212.129.40.11:51820";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+ 
+
  system.stateVersion = "21.05";

 }