37 lines
841 B
Nix
37 lines
841 B
Nix
{ config, lib, pkgs, ... }: let
|
|
|
|
hostPort = 9006;
|
|
|
|
subdomain = "vpn";
|
|
|
|
name = "netbird";
|
|
|
|
in {
|
|
|
|
options.sysconfig.docker.netbird.enable = with lib; mkOption {
|
|
type = with types; bool;
|
|
default = false;
|
|
};
|
|
|
|
config = lib.mkIf (config.sysconfig.docker.netbird.enable && config.sysconfig.docker.enable) {
|
|
|
|
networking.firewall.interfaces = {
|
|
"ve-traefik" = {
|
|
allowedTCPPorts = [ hostPort ];
|
|
};
|
|
};
|
|
|
|
sops.secrets = {
|
|
"netbird/pass" = {};
|
|
"netbird/secret_key" = {};
|
|
};
|
|
|
|
sops.templates."netbird.env" = {
|
|
content = ''
|
|
PG_PASS=${config.sops.placeholder."netbird/pass"}
|
|
SECRET_KEY=${config.sops.placeholder."netbird/secret_key"}
|
|
'';
|
|
};
|
|
};
|
|
}
|