gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(hakurei): cloudflared

Browse source
This commit is contained in:
arcnmx 2024-01-20 13:54:29 -08:00
parent ddcdcb0e0e
commit 7ded53ccc1
10 changed files with 258 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

18
systems/hakurei/nixos.nix
View file

@ -10,9 +10,27 @@
nixos.base
nixos.reisen-ct
nixos.tailscale
nixos.cloudflared
nixos.nginx
nixos.access.proxmox
];
sops.secrets.cloudflared-tunnel-hakurei = {
owner = config.services.cloudflared.user;
};
services.cloudflared = let
tunnelId = "964121e3-b3a9-4cc1-8480-954c4728b604";
in {
tunnels.${tunnelId} = {
default = "http_status:404";
credentialsFile = config.sops.secrets.cloudflared-tunnel-hakurei.path;
ingress = {
"prox.${config.networking.domain}".service = "http://localhost";
};
};
};
sops.defaultSopsFile = ./secrets.yaml;
system.stateVersion = "23.11";

5
systems/hakurei/secrets.yaml
View file

@ -1,4 +1,5 @@
tailscale-key: ENC[AES256_GCM,data:HmowloL0TsKM/XFI5GDd6Nl+9uSZcYevB6CObq1Eg5cvyhtb4pJgMA2GRxE6mJQXva5cet56Udlj,iv:4gSDgWIAAZLokvJzEW+JF0xoNzHr4zW1Zc9qJdpgcc0=,tag:hWMRNc6Odfi19HnjwQSGgQ==,type:str]
cloudflared-tunnel-hakurei: ENC[AES256_GCM,data:Pwj8/8RSLrfylwl1Et6SHOJSMWxm+Kn1WpYgZhvWoUQ9GsiuRFf2j0mdu36zid9N+6QC3NK9yv6mMfIgvLJkjXhiYtMidZD4e6a4kQMVbbui+Ohj6wf92Jg5rRdassFHJZSCyZtbaeBXqOzzqF51QrEEWRFxfxt6cvwqZjvSMsbctjltwiD7CehhzQGvDdstZAsVhJC6c+GKDs5pFU3KPTTIHc6b1IzZFijgJZKtNNgKrc4Wqw0=,iv:i2YZq7WMuKiDEHMUJS3QD+SP68Rkpt2fS4X8pkv8s3I=,tag:+0RuoOBf9Vm6aJdCsDfvKg==,type:str]
sops:
shamir_threshold: 1
kms: []
@ -15,8 +16,8 @@ sops:
ZEpzdWJZWGdEaElLZUc1YW5ON0YrM2MKk/dZvaFVzfkMD3poreaDGfJwG5j5fL3L
kuV/3fEHBf5HszR/VTy/bZ2+abN6x3UG5h0l+QaS9ux+mtwFCyYYjg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-19T18:41:54Z"
mac: ENC[AES256_GCM,data:ZBHhH10PYH6TTzezIRORy67C8n1ItvLLlhHs+n7gB09JK+IsdKh4MDWtCNdo/2lLBFEKknn46HkOqFeaGrltkb/DryzPdRKBQSV6aj2Tfk52t8RrvgcG14iFqoifZ30STFkipA4jMuSuRnlk4VQfrZMyKJj2RpcpqNn5pYLdXJM=,iv:rvzixIXKC+E1LS0yYHhIwh0Z2aQ1vgd3laMPV6GCKD0=,tag:Oc1xnIuq8C5IzZAfpoargA==,type:str]
lastmodified: "2024-01-20T00:35:43Z"
mac: ENC[AES256_GCM,data:jgsjLzPDdK1v2QpILqpirfnc0keEoIzO9QX0hMm0PK6VO6UMAF5IbQmeR25tZqNpJTRdcZlFb59mFqpazgzfS1S8+zckroefww7jG2oRvZz88DTxOA9quI/kuBhjUMG3oofrLpqu3Mjwu3ZXh7jfZ8HyzdAvqi9vjXXwi9P7zvw=,iv:7tydgr3duSPZXht00ivReS9o4CPa1uyhTRvgHatONKQ=,tag:Ojk/+eTacfWEMiKlNZwExw==,type:str]
pgp:
- created_at: "2024-01-19T18:57:37Z"
enc: |-

1
systems/tei/nixos.nix
View file

@ -14,6 +14,7 @@
nixos.nginx
nixos.access.gensokyo
nixos.access.zigbee2mqtt
nixos.access.home-assistant
nixos.vouch
nixos.kanidm
nixos.mosquitto