Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

isolate internal services to internal networks

Browse Source
This commit is contained in:
Nathan
2024-11-21 11:13:13 -06:00
parent 48ff0f85ec
commit fb0d7fed9d
3 changed files with 114 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
system-config/configuration/homebox/default.nix
View File

@@ -90,7 +90,8 @@
hostName = "homebox";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
firewall.allowedTCPPorts = [ 22 80 443 9000 8080 6080 ];
firewall.allowedTCPPorts = [ 22 80 443 ];
firewall.interfaces."ve-traefik".allowedTCPPorts = [ 9000 8080 6080 ];
hosts = {
"192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "*.local.blunkall.us" ];
};
@@ -254,7 +255,7 @@
"blunkall.us".enable = true;
pihole.enable = true;
pihole.enable = false;
nextcloud.enable = true;

2
system-config/services/containers/traefik/default.nix
View File

@@ -229,7 +229,7 @@
pihole.loadBalancer.servers = [ { url = "http://192.168.100.10:8080"; } ];
novnc.loadBalancer.servers = [ { url = "http://192.168.100.10:6080/vnc.html"; } ];
novnc.loadBalancer.servers = [ { url = "http://192.168.100.10:6080"; } ];
nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.15:80"; } ];
};