diff options
| -rw-r--r-- | nixos/vps/configuration.nix | 113 |
1 files changed, 1 insertions, 112 deletions
diff --git a/nixos/vps/configuration.nix b/nixos/vps/configuration.nix index b0c3f6a..28621ce 100644 --- a/nixos/vps/configuration.nix +++ b/nixos/vps/configuration.nix @@ -18,16 +18,7 @@ 80 443 # xray - 57625 - # wireguard - 53 - 5201 - ]; - - networking.firewall.allowedUDPPorts = [ - # wireguard - 53 - 51820 + 57625 ]; networking.domain = "kcu.su"; @@ -53,42 +44,11 @@ "147.45.40.6" = ["stereotyped-sheet.aeza.network" "stereotyped-sheet"]; }; - networking.nat = { - enable = true; - externalInterface = "ens3"; - internalInterfaces = [ "wg0" ]; - }; - - networking.wg-quick = { - interfaces.wg0 = { - address = [ "10.1.1.1/32" ]; - listenPort = 51820; - - privateKeyFile = "/root/wireguard-keys/private"; - - preUp = "sysctl -w net.ipv4.ip_forward=1"; - - peers = [ - { - allowedIPs = [ "10.1.1.2/32" ]; - publicKey = "kzXzxJu1AdcRI5UwtGOrN6WuTZYqJo++PYRrXdOu/lY="; - persistentKeepalive = 25; - } - ]; - }; - }; - - # services.headscale = { - # enable = true; - # port = 8123; - # }; - services.openssh = { enable = true; settings.PasswordAuthentication = false; }; - environment.systemPackages = map lib.lowPrio [ pkgs.curl pkgs.gitMinimal @@ -100,12 +60,6 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJ8UW1BXDGDmlaiARO3a9boTG8wknUyITMz0Z0OJpHx spleefer6@yandex.ru" ]; }; - fimoz = { - isNormalUser = true; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ//SNTK/qZmoT0YH7tHxXg6VGEbxbxPLXQVC1zsBPb4 90ts@mail.ru" - ]; - }; }; @@ -129,27 +83,6 @@ "; recommendedProxySettings = false; }; - - "chat".proxyPass = "http://127.0.0.1:30017"; - "argocd".proxyPass = "https://127.0.0.1:30018"; - "health".proxyPass = "http://127.0.0.1:8090"; - "music".proxyPass = "http://127.0.0.1:4747"; - }; - - extraVirtualHosts = { - "_" = { - locations."/" = { - return = 444; - }; - }; - }; - - home = - let - homeConfig = import ../server/configuration.nix { inherit modulesPath config lib pkgs; }; - in { - subdomains = homeConfig.nginx.subdomains; - url = "http://10.1.1.2"; }; }; @@ -164,49 +97,5 @@ }; }; - services.k3s = { - enable = false; - role = "server"; - extraFlags = ["--disable traefik"]; - }; - - gonic = { - enable = true; - extraGroups = ["music" "files"]; - musicPaths = ["/srv/files/music"]; - }; - - boot.supportedFilesystems = [ "nfs" ]; - services.nfs.idmapd = { - settings = { - General = { - Domain = "kcu.su"; - }; - Mapping = { - Nobody-User = "nobody"; - Nobody-Group = "nogroup"; - }; - }; - }; - filesDir = { - enable = true; - subPaths = [ - { - path = "music"; - group = "music"; - } - ]; - }; - fileSystems."/srv/files/music" = { - device = "10.1.1.2:/music"; - fsType = "nfs"; - options = [ - "defaults" - "x-systemd.automount" - "x-systemd.mount-timeout=30" - "_netdev" - ]; - }; - system.stateVersion = "24.05"; } |