TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-01-15 03:24:10 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

route public now, restrict certain services to internal and-or home IP until split-horizon dns is setup

Browse source
This commit is contained in:
TheWanderingCrow 2025-02-15 11:08:18 -05:00
parent 8fb8e39de4
commit 88fb564e71
5 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

11
modules/users/overseer/services/bar-assistant.nix
View file

@ -37,12 +37,13 @@ in
enable = true;
recommendedProxySettings = true;
virtualHosts = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
deny all;
'';
"bar.wanderingcrow.net" = {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 24.179.20.202;
deny all;
'';
forceSSL = true;
useACMEHost = "bar.wanderingcrow.net";
locations = {

1
modules/users/overseer/services/bookstack.nix
View file

@ -38,6 +38,7 @@ in
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 24.179.20.202;
deny all;
'';
useACMEHost = "bookstack.wanderingcrow.net";

1
modules/users/overseer/services/grocy.nix
View file

@ -10,6 +10,7 @@ lib.mkIf config.user.overseer.enable {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 24.179.20.202;
deny all;
'';
};

1
modules/users/overseer/services/homebox.nix
View file

@ -29,6 +29,7 @@ lib.mkIf config.user.overseer.enable {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 24.179.20.202;
deny all;
'';
proxyPass = "http://localhost:7745";

1
modules/users/overseer/services/homepage.nix
View file

@ -25,6 +25,7 @@ lib.mkIf config.user.overseer.enable {
extraConfig = ''
allow 192.168.0.0/16;
allow 10.8.0.0/24;
allow 24.179.20.202;
deny all;
'';
proxyPass = "http://localhost:8082";