mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-10 04:49:19 -08:00
37 lines
738 B
Nix
37 lines
738 B
Nix
{
|
|
config,
|
|
meta,
|
|
...
|
|
}: {
|
|
imports = let
|
|
inherit (meta) nixos;
|
|
in [
|
|
nixos.sops
|
|
nixos.base
|
|
nixos.reisen-ct
|
|
nixos.tailscale
|
|
nixos.cloudflared
|
|
nixos.nginx
|
|
nixos.access.proxmox
|
|
];
|
|
|
|
sops.secrets.cloudflared-tunnel-hakurei = {
|
|
owner = config.services.cloudflared.user;
|
|
};
|
|
|
|
services.cloudflared = let
|
|
tunnelId = "964121e3-b3a9-4cc1-8480-954c4728b604";
|
|
in {
|
|
tunnels.${tunnelId} = {
|
|
default = "http_status:404";
|
|
credentialsFile = config.sops.secrets.cloudflared-tunnel-hakurei.path;
|
|
ingress = {
|
|
"prox.${config.networking.domain}".service = "http://localhost";
|
|
};
|
|
};
|
|
};
|
|
|
|
sops.defaultSopsFile = ./secrets.yaml;
|
|
|
|
system.stateVersion = "23.11";
|
|
}
|