diff --git a/system-config/configuration/homebox/default.nix b/system-config/configuration/homebox/default.nix
index c5c0151..4e4ef5f 100644
--- a/system-config/configuration/homebox/default.nix
+++ b/system-config/configuration/homebox/default.nix
@@ -97,21 +97,7 @@
 hostName = "homebox";
 nameservers = [ "1.1.1.1" "1.0.0.1" ];
 networkmanager.enable = true;
- firewall.allowedTCPPorts = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable [ 22 80 443 ];
- firewall.interfaces."ve-traefik".allowedTCPPorts = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable [
- 8080
- 8123
- ];
- firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable {
- allowedTCPPorts = [ 5900 ];
- allowedUDPPorts = [ 5900 ];
- };
- hosts = {
- "192.168.100.11" = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable [ "blunkall.us" "*.blunkall.us" ];
- "192.168.100.20" = lib.mkIf config.sysconfig.opts.virtualization.gitea.enable [ "gitea.blunkall.us" ];
- "192.168.100.21:5678" = lib.mkIf config.sysconfig.opts.virtualization.n8n.enable [ "n8n.local" ];
- "192.168.100.25:8123" = lib.mkIf config.sysconfig.opts.virtualization.homeassistant.enable [ "hass.local" ];
- };
+ nftables = {};
 nat = {
 enable = true;
diff --git a/system-config/services/containers/gitea/default.nix b/system-config/services/containers/gitea/default.nix
index 564e0ac..11637e0 100644
--- a/system-config/services/containers/gitea/default.nix
+++ b/system-config/services/containers/gitea/default.nix
@@ -7,6 +7,8 @@ config = lib.mkIf config.sysconfig.opts.virtualization.gitea.enable { + networking.hosts."192.168.100.20" = [ "gitea.blunkall.us" ]; + + sops.secrets = { "gitea/dbpass" = {}; };
diff --git a/system-config/services/containers/homeassistant/default.nix b/system-config/services/containers/homeassistant/default.nix
index 743a0b2..fd12fec 100644
--- a/system-config/services/containers/homeassistant/default.nix
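Review bot: `nftables = {};` in homebox/default.nix defines no options, so it neither enables the nftables backend nor replaces any of the firewall rules deleted above it; if the switch is intended it needs `nftables.enable = true;`, otherwise the line should be dropped. Of the removed rules, the `firewall.interfaces."ve-traefik".allowedTCPPorts` entry for 8080 and 8123 is not re-added in any hunk shown, so host services on those ports would presumably stop being reachable from the Traefik container. If that is deliberate tightening, a short comment next to the Traefik firewall rule saying so would help. The enclosing `networking` attribute set starts and ends outside the hunk.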
+++ b/system-config/services/containers/homeassistant/default.nix
@@ -13,6 +13,8 @@ config = lib.mkIf config.sysconfig.opts.virtualization.homeassistant.enable { + networking.hosts."192.168.100.25" = [ "hass.local" ]; + + containers.home-assistant = { autoStart = true;
@@ -34,6 +36,7 @@
 config = {
 homeassistant.unit_system = "us_customary";
+ http.server_port = 80;
 };
 configWritable = true;
diff --git a/system-config/services/containers/n8n/default.nix b/system-config/services/containers/n8n/default.nix
index 59a13c5..c987888 100644
--- a/system-config/services/containers/n8n/default.nix
+++ b/system-config/services/containers/n8n/default.nix
@@ -6,6 +6,8 @@
 };
 config = lib.mkIf config.sysconfig.opts.virtualization.n8n.enable {
+
+ networking.hosts."192.168.100.21" = [ "n8n.local" ];
 containers.n8n = {
@@ -41,6 +43,8 @@
 N8N_DIAGNOSTICS_CONFIG_BACKEND = "";
 N8N_SECURE_COOKIE = "false";
+
+ N8N_PORT = 80;
 };
 };
diff --git a/system-config/services/containers/novnc/default.nix b/system-config/services/containers/novnc/default.nix
index 4e3ca69..b541b13 100644
--- a/system-config/services/containers/novnc/default.nix
+++ b/system-config/services/containers/novnc/default.nix
@@ -7,6 +7,15 @@ config = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { + networking = { + hosts."192.168.100.30" = [ "novnc.local" ]; + + firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { + allowedTCPPorts = [ 5900 ]; + allowedUDPPorts = [ 5900 ]; + }; + }; + + containers.novnc = { autoStart = true;
diff --git a/system-config/services/containers/traefik/default.nix b/system-config/services/containers/traefik/default.nix
index 513e12d..e7cf046 100644
--- a/system-config/services/containers/traefik/default.nix
+++ b/system-config/services/containers/traefik/default.nix
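Review bot: `http.server_port = 80;` in the second homeassistant hunk moves the listener to a privileged port, and the same applies to `N8N_PORT = 80;` in the second n8n hunk. If either service runs as an unprivileged user inside its container, binding below 1024 presumably needs `CAP_NET_BIND_SERVICE`, which nothing in these hunks grants. No hunk shown opens port 80 in the container firewalls or updates a proxy backend that may still point at 8123 or 5678. Keeping the default ports and routing by hostname through Traefik would avoid both; otherwise add a comment such as `# port 80 so hass.local resolves without a port suffix; needs CAP_NET_BIND_SERVICE`. The enclosing attribute sets start outside both hunks.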
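Review bot: `N8N_PORT = 80;` in the second n8n hunk is an integer where the neighbouring entries `N8N_SECURE_COOKIE = "false";` and `N8N_DIAGNOSTICS_CONFIG_BACKEND = "";` are strings. If this set feeds a systemd-style `environment`, an integer may be rejected at evaluation, so `N8N_PORT = "80";` is the safer form. With `N8N_SECURE_COOKIE = "false"` left in place the session cookie travels over plain HTTP on whichever path reaches n8n.local, which deserves a comment stating where that name is expected to resolve. The attribute set starts outside the hunk, so its option type is not visible here.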
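Review bot: The `lib.mkIf config.sysconfig.opts.virtualization.novnc.enable` on `firewall.interfaces."ve-novnc"` in the novnc hunk repeats the condition that already guards the whole `config` block, so it can be written as `firewall.interfaces."ve-novnc" = {`. `allowedUDPPorts = [ 5900 ];` was carried over from homebox/default.nix, but VNC's RFB protocol runs over TCP. Unless something on the host listens on UDP 5900, that rule only widens what the container can reach, and removing it keeps the interface rule to the one port that is needed. The `containers.novnc` set continues past the hunk.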
@@ -6,6 +6,11 @@
 };
 config = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable {
+
+ networking = {
+ hosts."192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "traefik.local" ];
+ firewall.allowedTCPPorts = [ 22 80 443];
+ };
 containers.traefik = {
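Review bot: `"*.blunkall.us"` in `hosts."192.168.100.11"` is written into /etc/hosts literally, and hosts files do not support wildcards, so subdomains without their own entry will not resolve to Traefik. List the names explicitly or use a local resolver for the wildcard. `firewall.allowedTCPPorts = [ 22 80 443];` also ties port 22 to the Traefik toggle; if 22 is for host SSH or a Gitea SSH forward (not visible here), opening it in that service's module keeps the rule next to what actually listens on it. The `config` block continues past the hunk.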