Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

isolate internal services to internal networks

Browse Source
This commit is contained in:
Nathan
2024-11-21 11:13:13 -06:00
parent 48ff0f85ec
commit fb0d7fed9d
3 changed files with 114 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

189
flake.lock generated
View File

@@ -158,11 +158,11 @@
]
},
"locked": {
"lastModified": 1722113426,
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
"lastModified": 1728330715,
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
"owner": "numtide",
"repo": "devshell",
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
"type": "github"
},
"original": {
@@ -191,11 +191,11 @@
]
},
"locked": {
"lastModified": 1732030699,
"narHash": "sha256-SBosboLvLqDv+7mNgRTIYDQbHE61rDDkXTJWiRX3PPo=",
"lastModified": 1732109232,
"narHash": "sha256-iYh6h8yueU8IyOfNclbiBG2+fBFcjjUfXm90ZBzk0c0=",
"owner": "nix-community",
"repo": "disko",
"rev": "da52cf40206d7d1a419d07640eb47b2fb9ac2c21",
"rev": "a0c384e0a3b8bcaed30a6bcf3783f8a7c8b35be4",
"type": "github"
},
"original": {
@@ -229,11 +229,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1732024923,
"narHash": "sha256-cLPsA9gUOWa2R3GI3JTS79JWjuczsEVONhECQXSq2Kw=",
"lastModified": 1732161788,
"narHash": "sha256-ilkOtBbv5onnMOYnLWVpBd6bZHP3xwzagccBk1mW/z4=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "e8342147922133c13bab28940e558a778add6539",
"rev": "3071fc96bc39e58df1c6d48e8008c96f09a00b42",
"type": "gitlab"
},
"original": {
@@ -350,11 +350,11 @@
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
@@ -372,11 +372,11 @@
]
},
"locked": {
"lastModified": 1727826117,
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"type": "github"
},
"original": {
@@ -423,11 +423,11 @@
"systems": "systems_4"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@@ -495,11 +495,11 @@
]
},
"locked": {
"lastModified": 1727805723,
"narHash": "sha256-b8flytpuc4Ey/g3mcvpS/ICORcD4h56QDZeP5LogevY=",
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "2f5ae3fc91db865eff2c5a418da85a0fbe6238a3",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
@@ -682,11 +682,11 @@
]
},
"locked": {
"lastModified": 1727383923,
"narHash": "sha256-4/vacp3CwdGoPf8U4e/N8OsGYtO09WTcQK5FqYfJbKs=",
"lastModified": 1731887066,
"narHash": "sha256-uw7K/RsYioJicV79Nl39yjtfhdfTDU2aRxnBgvFhkZ8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ffe2d07e771580a005e675108212597e5b367d2d",
"rev": "f3a2ff69586f3a54b461526e5702b1a2f81e740a",
"type": "github"
},
"original": {
@@ -862,11 +862,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1731978971,
"narHash": "sha256-P9DXCxDvjFt4aMc2x67hvSpNvSqX18X840w6cEVZXoo=",
"lastModified": 1732100541,
"narHash": "sha256-vFeNbKUstvSZbe9TD4bDYozZd+A/bKD+fxCye+p/Mp8=",
"ref": "refs/heads/main",
"rev": "67cee430061626ccd73dc6d30eed9db289053608",
"revCount": 5480,
"rev": "940f7aa990dbc99815bab8d355999d8277534b17",
"revCount": 5484,
"submodules": true,
"type": "git",
"url": "https://github.com/hyprwm/Hyprland"
@@ -906,11 +906,11 @@
"xdph": "xdph_2"
},
"locked": {
"lastModified": 1731978971,
"narHash": "sha256-P9DXCxDvjFt4aMc2x67hvSpNvSqX18X840w6cEVZXoo=",
"lastModified": 1732100541,
"narHash": "sha256-vFeNbKUstvSZbe9TD4bDYozZd+A/bKD+fxCye+p/Mp8=",
"ref": "refs/heads/main",
"rev": "67cee430061626ccd73dc6d30eed9db289053608",
"revCount": 5480,
"rev": "940f7aa990dbc99815bab8d355999d8277534b17",
"revCount": 5484,
"submodules": true,
"type": "git",
"url": "https://github.com/hyprwm/Hyprland"
@@ -1170,6 +1170,36 @@
"type": "github"
}
},
"ixx_2": {
"inputs": {
"flake-utils": [
"nixvim",
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729958008,
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.6",
"repo": "ixx",
"type": "github"
}
},
"nathan": {
"inputs": {
"home-manager": "home-manager_2",
@@ -1180,11 +1210,11 @@
"locked": {
"lastModified": 1,
"narHash": "sha256-Hripi5dnBGegbRPwCt1+a3oH6b1AQxEoJXodiLE8KKw=",
"path": "/nix/store/qvzx3zcff8jsbnqqwrzh62j3ay1lc06q-source/home-manager",
"path": "/nix/store/32h16ywb0xb37hvimz74apw471i7c7jq-source/home-manager",
"type": "path"
},
"original": {
"path": "/nix/store/qvzx3zcff8jsbnqqwrzh62j3ay1lc06q-source/home-manager",
"path": "/nix/store/32h16ywb0xb37hvimz74apw471i7c7jq-source/home-manager",
"type": "path"
}
},
@@ -1221,11 +1251,11 @@
]
},
"locked": {
"lastModified": 1727707210,
"narHash": "sha256-8XZp5XO2FC6INZEZ2WlwErtvFVpl45ACn8CJ2hfTA0Y=",
"lastModified": 1731885500,
"narHash": "sha256-ZrztYfSOS33J+ewq5alBOSdnIyZ0/sr1iy7FyBe9zIg=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "f61d5f2051a387a15817007220e9fb3bbead57b3",
"rev": "c60b5c924c6188a0b3ca2e139ead3d0f92ae5db5",
"type": "github"
},
"original": {
@@ -1264,14 +1294,14 @@
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1727825735,
"narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=",
"lastModified": 1730504152,
"narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
}
},
"nixpkgs-stable": {
@@ -1308,11 +1338,11 @@
},
"nixpkgs-us": {
"locked": {
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
@@ -1324,11 +1354,11 @@
},
"nixpkgs-us_2": {
"locked": {
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
@@ -1340,11 +1370,11 @@
},
"nixpkgs_10": {
"locked": {
"lastModified": 1727634051,
"narHash": "sha256-S5kVU7U82LfpEukbn/ihcyNt2+EvG7Z5unsKW9H/yFA=",
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "06cf0e1da4208d3766d898b7fdab6513366d45b9",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"type": "github"
},
"original": {
@@ -1388,11 +1418,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"lastModified": 1725634671,
"narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {
@@ -1484,11 +1514,11 @@
},
"nixpkgs_9": {
"locked": {
"lastModified": 1727802920,
"narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=",
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"type": "github"
},
"original": {
@@ -1505,11 +1535,11 @@
"nixvim": "nixvim_2"
},
"locked": {
"lastModified": 1732051016,
"narHash": "sha256-hr03iyn0v1d84BrrOtaRyHXsK2/e2Hn43CNSF19Iy30=",
"lastModified": 1732083712,
"narHash": "sha256-z2dKLuUHnJ8tlsZf6l+z+vbnpnb8nYBVFgwjxu609+U=",
"ref": "refs/heads/master",
"rev": "88d1c2b2565a9e571c99b24368afe6c3d7034758",
"revCount": 3,
"rev": "ee443227054f76f7d5177f7fe82bc58e3566760e",
"revCount": 4,
"type": "git",
"url": "file:///home/nathan/Projects/Nixvim"
},
@@ -1577,11 +1607,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1727871072,
"narHash": "sha256-t+YLQwBB1soQnVjT6d7nQq4Tidaw7tpB8i6Zvpc+Zbs=",
"lastModified": 1732035679,
"narHash": "sha256-J03v1XnxvsrrvHmzKVBZiwik8678IXfkH1/ZR954ujk=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "0ca98d02104f7f0a703787a7a080a570b7f1bedd",
"rev": "929bb0cd1cffb9917ab14be9cdb3f27efd6f505f",
"type": "github"
},
"original": {
@@ -1619,6 +1649,7 @@
"nuschtosSearch_2": {
"inputs": {
"flake-utils": "flake-utils_3",
"ixx": "ixx_2",
"nixpkgs": [
"nixvim",
"nixvim",
@@ -1626,11 +1657,11 @@
]
},
"locked": {
"lastModified": 1727599661,
"narHash": "sha256-0R+1ih0Rfqrz/lcduvpNSnUw3uthUHiaGh0aWPyIqeQ=",
"lastModified": 1731936508,
"narHash": "sha256-z0BSSf78LkxIrrFXZYmCoRRAxAmxMUKpK7CyxQRvkZI=",
"owner": "NuschtOS",
"repo": "search",
"rev": "c3c3928b8de7d300c34e9d90fdc19febd1a32062",
"rev": "fe07070f811b717a4626d01fab714a87d422a9e1",
"type": "github"
},
"original": {
@@ -1735,11 +1766,11 @@
"locked": {
"lastModified": 1,
"narHash": "sha256-QahOuoQdXshu38W5uO7hLhG/yFkT7S2l8Dxicq0wdGk=",
"path": "/nix/store/4kp9n79sswz7mqh62clfn5hkgixw22b3-source/programs",
"path": "/nix/store/2k345pz1g04x3zhhqdh4pbn81zsaiijn-source/programs",
"type": "path"
},
"original": {
"path": "/nix/store/4kp9n79sswz7mqh62clfn5hkgixw22b3-source/programs",
"path": "/nix/store/2k345pz1g04x3zhhqdh4pbn81zsaiijn-source/programs",
"type": "path"
}
},
@@ -1807,11 +1838,11 @@
"locked": {
"lastModified": 1,
"narHash": "sha256-0Ztx5DVQ2I7hvCK/qjGa4XTdRgbzM8rhf19m0al8lVM=",
"path": "/nix/store/4kp9n79sswz7mqh62clfn5hkgixw22b3-source/services/sddm",
"path": "/nix/store/2k345pz1g04x3zhhqdh4pbn81zsaiijn-source/services/sddm",
"type": "path"
},
"original": {
"path": "/nix/store/4kp9n79sswz7mqh62clfn5hkgixw22b3-source/services/sddm",
"path": "/nix/store/2k345pz1g04x3zhhqdh4pbn81zsaiijn-source/services/sddm",
"type": "path"
}
},
@@ -1822,11 +1853,11 @@
]
},
"locked": {
"lastModified": 1731954233,
"narHash": "sha256-vvXx1m2Rsw7MkbKJdpcICzz4YPgZPApGKQGhNZfkhOI=",
"lastModified": 1732186149,
"narHash": "sha256-N9JGWe/T8BC0Tss2Cv30plvZUYoiRmykP7ZdY2on2b0=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "e39947d0ee8e341fa7108bd02a33cdfa24a1360e",
"rev": "53c853fb1a7e4f25f68805ee25c83d5de18dc699",
"type": "github"
},
"original": {
@@ -1842,12 +1873,12 @@
},
"locked": {
"lastModified": 1,
"narHash": "sha256-PNq6Er4IaETN1WUPJ9i7E/6qJnSdboETaLc9CqO0Pac=",
"path": "/nix/store/qvzx3zcff8jsbnqqwrzh62j3ay1lc06q-source/system-config",
"narHash": "sha256-VI/PphvaiElKATCFaBzInEqU7WnoCmItIy8wfzcD9U8=",
"path": "/nix/store/32h16ywb0xb37hvimz74apw471i7c7jq-source/system-config",
"type": "path"
},
"original": {
"path": "/nix/store/qvzx3zcff8jsbnqqwrzh62j3ay1lc06q-source/system-config",
"path": "/nix/store/32h16ywb0xb37hvimz74apw471i7c7jq-source/system-config",
"type": "path"
}
},
@@ -1992,11 +2023,11 @@
]
},
"locked": {
"lastModified": 1727431250,
"narHash": "sha256-uGRlRT47ecicF9iLD1G3g43jn2e+b5KaMptb59LHnvM=",
"lastModified": 1731944360,
"narHash": "sha256-sJxPh+V0vUkBhlA58ok/y0o96AtfqiEF0O8qsdolI6o=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "879b29ae9a0378904fbbefe0dadaed43c8905754",
"rev": "579b9a2fd0020cd9cd81a4ef4eab2dca4d20c94c",
"type": "github"
},
"original": {

5
system-config/configuration/homebox/default.nix
View File

@@ -90,7 +90,8 @@
hostName = "homebox";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
firewall.allowedTCPPorts = [ 22 80 443 9000 8080 6080 ];
firewall.allowedTCPPorts = [ 22 80 443 ];
firewall.interfaces."ve-traefik".allowedTCPPorts = [ 9000 8080 6080 ];
hosts = {
"192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "*.local.blunkall.us" ];
};
@@ -254,7 +255,7 @@
"blunkall.us".enable = true;
pihole.enable = true;
pihole.enable = false;
nextcloud.enable = true;

2
system-config/services/containers/traefik/default.nix
View File

@@ -229,7 +229,7 @@
pihole.loadBalancer.servers = [ { url = "http://192.168.100.10:8080"; } ];
novnc.loadBalancer.servers = [ { url = "http://192.168.100.10:6080/vnc.html"; } ];
novnc.loadBalancer.servers = [ { url = "http://192.168.100.10:6080"; } ];
nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.15:80"; } ];
};