]> Git — Sourcephile - sourcephile-nix.git/blob - machines/mermet/croc.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
nix: move to flake.nix
[sourcephile-nix.git] / machines / mermet / croc.nix
1 { flakes, pkgs, lib, config, machineName, ... }:
2 let
3 croc = config.services.croc;
4 in
5 {
6 networking.nftables.ruleset = ''
7 add rule inet filter net2fw tcp dport {${lib.concatMapStringsSep "," toString croc.ports}} counter accept comment "croc"
8 '';
9 services.croc = {
10 enable = true;
11 pass = builtins.readFile (flakes.secrets + "/croc/pass");
12 };
13 }
NixOS configurations for Sourcephile's infrastructure