summaryrefslogtreecommitdiff
path: root/os/kay/modules
diff options
context:
space:
mode:
Diffstat (limited to 'os/kay/modules')
-rw-r--r--os/kay/modules/internal/acme.nix (renamed from os/kay/modules/acme.nix)0
-rw-r--r--os/kay/modules/internal/postgresql.nix (renamed from os/kay/modules/postgresql.nix)0
-rw-r--r--os/kay/modules/internal/www.nix (renamed from os/kay/modules/www.nix)5
-rw-r--r--os/kay/modules/network/default.nix (renamed from os/kay/modules/network.nix)2
-rw-r--r--os/kay/modules/network/headscale.nix (renamed from os/kay/modules/headscale.nix)0
-rw-r--r--os/kay/modules/network/hurricane.nix (renamed from os/kay/modules/hurricane.nix)0
-rw-r--r--os/kay/modules/network/router.nix (renamed from os/kay/modules/router.nix)5
-rw-r--r--os/kay/modules/network/wireguard.nix (renamed from os/kay/modules/wireguard.nix)0
-rw-r--r--os/kay/modules/services/alina.nix (renamed from os/kay/modules/alina.nix)0
-rw-r--r--os/kay/modules/services/cgit.nix (renamed from os/kay/modules/cgit.nix)0
-rw-r--r--os/kay/modules/services/github-runner.nix (renamed from os/kay/modules/github-runner.nix)0
-rw-r--r--os/kay/modules/services/home-assistant.nix (renamed from os/kay/modules/home-assistant.nix)0
-rw-r--r--os/kay/modules/services/immich.nix (renamed from os/kay/modules/immich.nix)0
-rw-r--r--os/kay/modules/services/iperf3.nix (renamed from os/kay/modules/iperf3.nix)0
-rw-r--r--os/kay/modules/services/mail.nix (renamed from os/kay/modules/mail.nix)0
-rw-r--r--os/kay/modules/services/matrix/default.nix (renamed from os/kay/modules/matrix/default.nix)0
-rw-r--r--os/kay/modules/services/matrix/dendrite.nix (renamed from os/kay/modules/matrix/dendrite.nix)0
-rw-r--r--os/kay/modules/services/matrix/matrix-sliding-sync.nix (renamed from os/kay/modules/matrix/matrix-sliding-sync.nix)0
-rw-r--r--os/kay/modules/services/minio.nix (renamed from os/kay/modules/minio.nix)0
-rw-r--r--os/kay/modules/services/nix-cache.nix (renamed from os/kay/modules/nix-cache.nix)0
-rw-r--r--os/kay/modules/services/sftp.nix (renamed from os/kay/modules/sftp.nix)0
-rw-r--r--os/kay/modules/sshfwd.nix32
22 files changed, 2 insertions, 42 deletions
diff --git a/os/kay/modules/acme.nix b/os/kay/modules/internal/acme.nix
index 60e40a8..60e40a8 100644
--- a/os/kay/modules/acme.nix
+++ b/os/kay/modules/internal/acme.nix
diff --git a/os/kay/modules/postgresql.nix b/os/kay/modules/internal/postgresql.nix
index 6ba5398..6ba5398 100644
--- a/os/kay/modules/postgresql.nix
+++ b/os/kay/modules/internal/postgresql.nix
diff --git a/os/kay/modules/www.nix b/os/kay/modules/internal/www.nix
index e64c65c..dd0a1ef 100644
--- a/os/kay/modules/www.nix
+++ b/os/kay/modules/internal/www.nix
@@ -10,11 +10,6 @@ let
storage = "/hdd/users/sftp/shr";
in
{
- imports = [
- ./matrix
- ./cgit.nix
- ];
-
security.acme.certs.${domain}.postRun = "systemctl reload nginx.service";
networking.firewall = {
allowedTCPPorts = [
diff --git a/os/kay/modules/network.nix b/os/kay/modules/network/default.nix
index 1315289..56371c7 100644
--- a/os/kay/modules/network.nix
+++ b/os/kay/modules/network/default.nix
@@ -12,6 +12,8 @@ in
imports = [
./router.nix
./hurricane.nix
+ ./wireguard.nix
+ ./headscale.nix
];
sops.secrets = {
diff --git a/os/kay/modules/headscale.nix b/os/kay/modules/network/headscale.nix
index 24df170..24df170 100644
--- a/os/kay/modules/headscale.nix
+++ b/os/kay/modules/network/headscale.nix
diff --git a/os/kay/modules/hurricane.nix b/os/kay/modules/network/hurricane.nix
index e815136..e815136 100644
--- a/os/kay/modules/hurricane.nix
+++ b/os/kay/modules/network/hurricane.nix
diff --git a/os/kay/modules/router.nix b/os/kay/modules/network/router.nix
index 7280401..aeb008c 100644
--- a/os/kay/modules/router.nix
+++ b/os/kay/modules/network/router.nix
@@ -18,11 +18,6 @@ let
wapIp = "192.168.43.2";
in
{
- imports = [
- ./wireguard.nix
- ./iperf3.nix
- ];
-
networking = {
bridges.${bridgeInterface}.interfaces = [ lanInterface ];
diff --git a/os/kay/modules/wireguard.nix b/os/kay/modules/network/wireguard.nix
index fd00804..fd00804 100644
--- a/os/kay/modules/wireguard.nix
+++ b/os/kay/modules/network/wireguard.nix
diff --git a/os/kay/modules/alina.nix b/os/kay/modules/services/alina.nix
index c567953..c567953 100644
--- a/os/kay/modules/alina.nix
+++ b/os/kay/modules/services/alina.nix
diff --git a/os/kay/modules/cgit.nix b/os/kay/modules/services/cgit.nix
index 254cc80..254cc80 100644
--- a/os/kay/modules/cgit.nix
+++ b/os/kay/modules/services/cgit.nix
diff --git a/os/kay/modules/github-runner.nix b/os/kay/modules/services/github-runner.nix
index dd4d48d..dd4d48d 100644
--- a/os/kay/modules/github-runner.nix
+++ b/os/kay/modules/services/github-runner.nix
diff --git a/os/kay/modules/home-assistant.nix b/os/kay/modules/services/home-assistant.nix
index 65807f7..65807f7 100644
--- a/os/kay/modules/home-assistant.nix
+++ b/os/kay/modules/services/home-assistant.nix
diff --git a/os/kay/modules/immich.nix b/os/kay/modules/services/immich.nix
index 5e5eaf4..5e5eaf4 100644
--- a/os/kay/modules/immich.nix
+++ b/os/kay/modules/services/immich.nix
diff --git a/os/kay/modules/iperf3.nix b/os/kay/modules/services/iperf3.nix
index 2c8afef..2c8afef 100644
--- a/os/kay/modules/iperf3.nix
+++ b/os/kay/modules/services/iperf3.nix
diff --git a/os/kay/modules/mail.nix b/os/kay/modules/services/mail.nix
index 685461f..685461f 100644
--- a/os/kay/modules/mail.nix
+++ b/os/kay/modules/services/mail.nix
diff --git a/os/kay/modules/matrix/default.nix b/os/kay/modules/services/matrix/default.nix
index 1b9564d..1b9564d 100644
--- a/os/kay/modules/matrix/default.nix
+++ b/os/kay/modules/services/matrix/default.nix
diff --git a/os/kay/modules/matrix/dendrite.nix b/os/kay/modules/services/matrix/dendrite.nix
index e66c5a5..e66c5a5 100644
--- a/os/kay/modules/matrix/dendrite.nix
+++ b/os/kay/modules/services/matrix/dendrite.nix
diff --git a/os/kay/modules/matrix/matrix-sliding-sync.nix b/os/kay/modules/services/matrix/matrix-sliding-sync.nix
index 63d95ad..63d95ad 100644
--- a/os/kay/modules/matrix/matrix-sliding-sync.nix
+++ b/os/kay/modules/services/matrix/matrix-sliding-sync.nix
diff --git a/os/kay/modules/minio.nix b/os/kay/modules/services/minio.nix
index d440e50..d440e50 100644
--- a/os/kay/modules/minio.nix
+++ b/os/kay/modules/services/minio.nix
diff --git a/os/kay/modules/nix-cache.nix b/os/kay/modules/services/nix-cache.nix
index 9c81b56..9c81b56 100644
--- a/os/kay/modules/nix-cache.nix
+++ b/os/kay/modules/services/nix-cache.nix
diff --git a/os/kay/modules/sftp.nix b/os/kay/modules/services/sftp.nix
index f75abc4..f75abc4 100644
--- a/os/kay/modules/sftp.nix
+++ b/os/kay/modules/services/sftp.nix
diff --git a/os/kay/modules/sshfwd.nix b/os/kay/modules/sshfwd.nix
deleted file mode 100644
index fcafd17..0000000
--- a/os/kay/modules/sshfwd.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{ ... }:
-let
- group = "sshfwd";
-in
-{
- networking.firewall.allowedTCPPorts = [ 2222 ];
-
- users = {
- groups.${group}.members = [ ];
-
- users."lia" = {
- inherit group;
- isSystemUser = true;
-
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAe7fJlh9L+9JSq0+hK7jNZjszmZqNXwzqcZ+zx0yJyU lia"
- ];
- };
- };
-
- services.openssh.extraConfig = ''
- Match Group ${group}
- ForceCommand echo 'this account is only usable for remote forwarding'
- PermitTunnel no
- AllowAgentForwarding no
- X11Forwarding no
-
- AllowTcpForwarding remote
- GatewayPorts clientspecified
- PermitListen *:2222
- '';
-}