From a4a20387dfe1d134ab251b27e29218fa8f949a8d Mon Sep 17 00:00:00 2001 From: Geir Okkenhaug Jerstad Date: Tue, 2 Jul 2024 20:56:48 +0000 Subject: [PATCH 1/3] routing for git.geokkjer.eu --- proxy/configuration.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/proxy/configuration.nix b/proxy/configuration.nix index a17de8c..815e3f5 100644 --- a/proxy/configuration.nix +++ b/proxy/configuration.nix @@ -37,12 +37,12 @@ in proxyWebsockets = true; }; }; - #virtualHosts."geokkjer.eu" = { - # default = true; - # forceSSL = true; - # enableACME = true; - # locations."/".proxyPass = "http://127.0.0.1/"; - #}; + "git.geokkjer.eu" = { + default = true; + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://apps:3000"; + }; }; }; # acme let's encrypt From 1f3e2beabfeea783d961a5d6c8a09cdc134fc5ca Mon Sep 17 00:00:00 2001 From: Geir Okkenhaug Jerstad Date: Tue, 2 Jul 2024 21:09:25 +0000 Subject: [PATCH 2/3] added fail2ban to proxy --- proxy/configuration.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/proxy/configuration.nix b/proxy/configuration.nix index 815e3f5..c33ae22 100644 --- a/proxy/configuration.nix +++ b/proxy/configuration.nix @@ -18,7 +18,10 @@ in # tailscale services.tailscale.enable = true; - + + # fail2ban + services.fail2ban.enable = true; + # nginx reverse proxy services.nginx = { enable = true; From 5cdd0a185fe5d6c8d066594ffaf95ff0541fbfda Mon Sep 17 00:00:00 2001 From: Geir Okkenhaug Jerstad Date: Wed, 3 Jul 2024 16:09:07 +0200 Subject: [PATCH 3/3] added podman-dektop to workstation --- workstation/podman.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/workstation/podman.nix b/workstation/podman.nix index 44f2f43..1e74032 100644 --- a/workstation/podman.nix +++ b/workstation/podman.nix @@ -8,6 +8,7 @@ environment.systemPackages = with pkgs; [ podman-tui podman-compose + podman-desktop ]; }