2024-03-22 06:12:01 +01:00
|
|
|
{ ... }: {
|
2024-03-13 03:48:40 +01:00
|
|
|
services.cron = {
|
|
|
|
enable = true;
|
|
|
|
systemCronJobs = [
|
2024-06-24 14:56:28 +02:00
|
|
|
''0 0 * * * root mkdir -p /Storage/Data/Docker/sysctl.io/letsencrypt/; rsync -avr root@framework-server:/Storage/Data/Docker/sysctl.io/letsencrypt/ /Storage/Data/Docker/sysctl.io/letsencrypt/''
|
2024-03-13 03:48:40 +01:00
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
# Containers
|
2024-03-25 01:46:12 +01:00
|
|
|
virtualisation.oci-containers.containers."derp" = {
|
2024-03-15 06:17:11 +01:00
|
|
|
image = "docker.io/fredliang/derper";
|
2024-03-13 03:48:40 +01:00
|
|
|
environment = {
|
|
|
|
DERP_ADDR = ":1443";
|
|
|
|
DERP_CERT_DIR = "/app/certs";
|
|
|
|
DERP_CERT_MODE = "manual";
|
|
|
|
DERP_DOMAIN = "sysctl.io";
|
|
|
|
DERP_STUN = "true";
|
2024-03-15 12:53:48 +01:00
|
|
|
DERP_VERIFY_CLIENTS = "true";
|
2024-03-13 03:48:40 +01:00
|
|
|
};
|
|
|
|
volumes = [
|
2024-03-22 06:33:28 +01:00
|
|
|
"/var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock:ro"
|
2024-03-13 03:48:40 +01:00
|
|
|
"/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/certs/*.sysctl.io.crt:/app/certs/sysctl.io.crt:ro"
|
|
|
|
"/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/private/*.sysctl.io.key:/app/certs/sysctl.io.key:ro"
|
|
|
|
];
|
|
|
|
ports = [
|
|
|
|
"3478:3478/udp"
|
|
|
|
"1443:1443/tcp"
|
|
|
|
];
|
|
|
|
log-driver = "journald";
|
2024-08-11 04:00:26 +02:00
|
|
|
extraoptions = [ "--network=host" ];
|
2024-03-13 03:48:40 +01:00
|
|
|
};
|
|
|
|
}
|