Skip to content

Commit

Permalink
small improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
@rafaelsgirao
rafaelsgirao committed Jul 8, 2024
1 parent d81204e commit 7c8cd61
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 3 deletions.
4 changes: 2 additions & 2 deletions hosts/spy/machine.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ in

rg = {
ip = "192.168.10.6";
ipv4 = "192.168.1.80";
ipv4 = "192.168.1.50";
machineId = "42ef768cc806409b923c6044269f9902";
machineType = "intel";
class = "server";
Expand Down Expand Up @@ -184,7 +184,7 @@ in
useACMEHost = "rafael.ovh";
extraConfig = ''
encode zstd gzip
reverse_proxy http://192.168.1.1:80
reverse_proxy http://192.168.1.254:80
'';
};
"cloud.${fqdn}" = {
Expand Down
2 changes: 1 addition & 1 deletion modules/core/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,6 @@ in
networking = {
inherit (config.rg) domain;
usePredictableInterfaceNames = false;
interfaces.eth0.useDHCP = lib.mkDefault true;
firewall = {
enable = true;
allowedTCPPorts = [
Expand Down Expand Up @@ -119,6 +118,7 @@ in
environment.pathsToLink = [ "/libexec" ];

users.mutableUsers = false;
users.defaultUserShell = pkgs.fish;

users.users.rg = {
uid = 1000;
Expand Down
2 changes: 2 additions & 0 deletions modules/sshguard.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,7 @@ _: {
services.sshguard = {
enable = true;
whitelist = [ "192.168.10.0/24" ];
blacklist_file = "/pst/var/lib/sshguard/blacklist.db";

};
}
Binary file modified secrets/SSH-config.age
View file
Binary file not shown.

0 comments on commit 7c8cd61

Please sign in to comment.