mermet: nebula: sourcephile.fr: adapt to new conventions
[sourcephile-nix.git]
/
hosts
/
mermet
/
nebula.nix
# NixOS module for host "mermet": runs this machine as a lighthouse and relay
# of the Nebula overlay network named after `domain`.
{
  pkgs,
  lib,
  config,
  inputs,
  ...
}:
let
  domain = "sourcephile.fr";
  port = 10001;
  ipv4Prefix = "10.0.0";

  # One Nebula firewall rule that matches every port, every protocol and every
  # host. It is used below for both directions.
  allowAll = {
    port = "any";
    proto = "any";
    host = "any";
  };
in
{
  # Shared definitions for this Nebula network come from the julm-nix input;
  # what that module sets is not visible in this file.
  imports = [ (inputs.julm-nix + "/domains/sourcephile.fr/nebula.nix") ];

  services.nebula.networks.${domain} = {
    enable = true;
    listen.port = port;
    isLighthouse = true;
    isRelay = true;

    firewall.outbound = [ allowAll ];

    # NOTE(review): with this rule Nebula itself filters nothing inbound, so any
    # peer holding a certificate accepted by this network can reach every
    # service bound on this host's overlay address. The node is also a
    # lighthouse and relay. If only a few services are meant to be reachable,
    # narrow this to the needed ports and peer groups. Confirm whether a host
    # firewall restricts the Nebula interface elsewhere.
    firewall.inbound = [ allowAll ];
  };

  # `''''` is an empty indented string (`''` opens, `''` closes), so this file
  # contributes no nftables rules of its own. Whatever opens `port` for Nebula
  # must be declared elsewhere (presumably the imported module; confirm).
  networking.nftables.ruleset = '''';

  # fail2ban never bans addresses in 10.0.0.0/24, presumably the overlay range.
  # The entry is written with the .1 host address and a /24 mask.
  # NOTE(review): repeated authentication failures from any overlay peer are
  # therefore not throttled. Together with the allow-all inbound rule above, a
  # compromised peer gets unthrottled access to this host's services. Consider
  # listing only the specific trusted peers instead of the whole range.
  services.fail2ban.ignoreIP = [ "${ipv4Prefix}.1/24" ];
}