palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

taskserver use public domain

Browse source
This commit is contained in:
Ingolf Wagner 2021-03-14 04:52:33 +01:00
parent bcbcf986bc
commit 75fad5050b
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
2 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
configs/sputnik/nginx.nix
View file

@ -29,8 +29,10 @@ let
}; };
in { in {
networking.firewall.allowedTCPPorts = [ 80 443 4443 ]; networking.firewall.allowedTCPPorts =
networking.firewall.allowedUDPPorts = [ 80 443 4443 ]; [ 80 443 4443 config.services.taskserver.listenPort ];
networking.firewall.allowedUDPPorts =
[ 80 443 4443 config.services.taskserver.listenPort ];
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -342,7 +344,14 @@ in {
script = '' script = ''
${pkgs.socat}/bin/socat TCP-LISTEN:2222,fork TCP:workhorse.private:2222 ${pkgs.socat}/bin/socat TCP-LISTEN:2222,fork TCP:workhorse.private:2222
''; '';
#serviceConfig.User = "sslh"; };
systemd.services."socat-taskd" = {
wantedBy = [ "multi-user.target" ];
script = let port = toString config.services.taskserver.listenPort;
in ''
${pkgs.socat}/bin/socat TCP-LISTEN:${port},fork TCP:workhorse.private:${port}
'';
}; };
} }

7
configs/workhorse/taskserver.nix
View file

@ -2,12 +2,13 @@
services.taskserver = { services.taskserver = {
enable = true; enable = true;
fqdn = "workhorse.private"; fqdn = "taskd.ingolf-wagner.de";
listenHost = "0.0.0.0"; listenHost = "0.0.0.0";
requestLimit = 104857600; requestLimit = 104857600;
trust = "allow all"; trust = "strict";
dataDir = "/var/lib/taskserver"; dataDir = "/var/lib/taskserver";
organisations."orgie".users = [ "palo" ]; organisations."1337".users = [ "palo" "beta" ];
ciphers = "SECURE256";
}; };
backup.dirs = [ config.services.taskserver.dataDir ]; backup.dirs = [ config.services.taskserver.dataDir ];