StuRa/stura-infra
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

make ssh avaliable on 2142 to allow forwarding of 22 to srs2

Browse source
This commit is contained in:
goeranh 2026-02-25 07:13:13 +01:00
parent d012e134f3
commit 81edf99463
No known key found for this signature in database
1 changed files with 33 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

36
hosts/proxy/default.nix
View file

@ -9,19 +9,31 @@
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
networking.hostName = "proxy"; networking = {
networking.interfaces.ens18.ipv4.addresses = [ hostName = "proxy";
interfaces.ens18.ipv4.addresses = [
{ {
address = "141.56.51.1"; address = "141.56.51.1";
prefixLength = 24; prefixLength = 24;
} }
]; ];
defaultGateway.address = "141.56.51.254";
networking.defaultGateway.address = "141.56.51.254"; nameservers = [
networking.nameservers = [
"9.9.9.9" "9.9.9.9"
"1.1.1.1" "1.1.1.1"
]; ];
firewall = {
allowedTCPPorts = [
80
443
2142
];
};
nftables = {
enable = true;
};
};
security.acme = { security.acme = {
certs."stura.htw-dresden.de" = { certs."stura.htw-dresden.de" = {
listenHTTP = ":8888"; listenHTTP = ":8888";
@ -46,7 +58,15 @@ systemd.services.haproxy = {
}; };
services = { services = {
openssh.enable = true; openssh = {
enable = true;
listenAddresses = [
{
addr = "141.56.51.1";
port = 2142;
}
];
};
haproxy = { haproxy = {
enable = true; enable = true;
config = '' config = ''
@ -156,10 +176,6 @@ services = {
}; };
networking.firewall.allowedTCPPorts = [
80
443
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
openvpn openvpn