2024-08-12 13:19:07 +09:00
|
|
|
{ domainName, ... }: {
|
2024-03-15 10:28:10 +09:00
|
|
|
services.cron = {
|
|
|
|
|
enable = true;
|
|
|
|
|
systemCronJobs = [
|
2024-08-11 20:43:36 +09:00
|
|
|
''0 0 * * * root mkdir -p /Storage/Data/Docker/sysctl.io/letsencrypt/; rsync -avr --delete root@framework-server:/Storage/Data/Docker/sysctl.io/letsencrypt/ /Storage/Data/Docker/sysctl.io/letsencrypt/''
|
2024-03-15 10:28:10 +09:00
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# Containers
|
2024-03-25 09:46:12 +09:00
|
|
|
virtualisation.oci-containers.containers."derp" = {
|
2024-03-15 14:17:26 +09:00
|
|
|
image = "docker.io/fredliang/derper";
|
2024-03-15 10:28:10 +09:00
|
|
|
environment = {
|
|
|
|
|
DERP_ADDR = ":1443";
|
2024-03-15 21:05:55 +09:00
|
|
|
DERP_CERT_DIR = "/app/certs";
|
|
|
|
|
DERP_CERT_MODE = "manual";
|
2024-08-12 13:19:07 +09:00
|
|
|
DERP_DOMAIN = domainName;
|
2024-03-15 10:28:10 +09:00
|
|
|
DERP_STUN = "true";
|
2024-03-22 14:12:01 +09:00
|
|
|
DERP_VERIFY_CLIENTS = "true";
|
2024-08-11 12:41:03 +09:00
|
|
|
DERP_HTTP_PORT = "-1";
|
2024-03-15 10:28:10 +09:00
|
|
|
};
|
|
|
|
|
volumes = [
|
2024-03-22 14:33:28 +09:00
|
|
|
"/var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock:ro"
|
2024-08-12 13:19:07 +09:00
|
|
|
"/Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/public.crt:/app/certs/${domainName}.crt:ro"
|
|
|
|
|
"/Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/private.key:/app/certs/${domainName}.key:ro"
|
2024-03-15 10:28:10 +09:00
|
|
|
];
|
|
|
|
|
ports = [
|
|
|
|
|
"3478:3478/udp"
|
|
|
|
|
"1443:1443/tcp"
|
|
|
|
|
];
|
|
|
|
|
log-driver = "journald";
|
2024-08-11 11:01:21 +09:00
|
|
|
extraOptions = [ "--network=host" ];
|
2024-03-15 10:28:10 +09:00
|
|
|
};
|
|
|
|
|
}
|
