geir/home-lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: resolve sma user definition conflict between modules

Browse source 
- Remove duplicate sma user definition from incus.nix module
- The sma user is properly defined in modules/users/sma.nix with incus-admin group
- This resolves the isNormalUser/isSystemUser assertion failure blocking congenital-optimist rebuild
- Clean up grey-area configuration and modularize services
- Update SSH keys with correct IP addresses for grey-area and reverse-proxy
This commit is contained in:
Geir Okkenhaug Jerstad 2025-06-07 16:58:22 +02:00
parent a35d9ff420
commit fa2b84cf65
20 changed files with 540 additions and 232 deletions
Download patch file Download diff file Expand all files Collapse all files

6
machines/reverse-proxy/configuration.nix
View file

@ -19,8 +19,8 @@
# DMZ-specific firewall configuration - very restrictive
networking.firewall = {
enable = true;
# Allow HTTP/HTTPS from external network and Git SSH on port 2222
allowedTCPPorts = [ 80 443 2222 ];
# Allow HTTP/HTTPS from external network and Git SSH on port 1337
allowedTCPPorts = [ 80 443 1337 ];
allowedUDPPorts = [ ];
# SSH only allowed from Tailscale network (100.64.0.0/10)
extraCommands = ''
@ -88,7 +88,7 @@
}
server {
listen 2222;
listen 1337;
proxy_pass git_ssh_backend;
proxy_timeout 300s;
proxy_connect_timeout 10s;