From 6da3a12e764e74db04913262b63b59631931952c Mon Sep 17 00:00:00 2001 From: albert Date: Fri, 22 Mar 2024 14:12:01 +0900 Subject: [PATCH] Update derp --- .../hosts/milan-linode-01/containers/derp.nix | 47 ++---------------- .../hosts/osaka-linode-01/containers/derp.nix | 48 +------------------ 2 files changed, 6 insertions(+), 89 deletions(-) diff --git a/nixos/hosts/milan-linode-01/containers/derp.nix b/nixos/hosts/milan-linode-01/containers/derp.nix index 666f815e..3f38fecd 100644 --- a/nixos/hosts/milan-linode-01/containers/derp.nix +++ b/nixos/hosts/milan-linode-01/containers/derp.nix @@ -1,5 +1,5 @@ # Auto-generated using compose2nix v0.1.7. -{ pkgs, lib, ... }: { +{ ... }: { services.cron = { enable = true; systemCronJobs = [ @@ -14,55 +14,18 @@ DERP_ADDR = ":1443"; DERP_CERT_DIR = "/app/certs"; DERP_CERT_MODE = "manual"; - DERP_DOMAIN = "milan.sysctl.io"; + DERP_DOMAIN = "sysctl.io"; DERP_STUN = "true"; + DERP_VERIFY_CLIENTS = "true"; }; volumes = [ - "/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/certs/*.sysctl.io.crt:/app/certs/milan.sysctl.io.crt:ro" - "/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/private/*.sysctl.io.key:/app/certs/milan.sysctl.io.key:ro" + "/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/certs/*.sysctl.io.crt:/app/certs/sysctl.io.crt:ro" + "/Storage/Data/Docker/sysctl.io/letsencrypt/external/certificates/private/*.sysctl.io.key:/app/certs/sysctl.io.key:ro" ]; ports = [ "3478:3478/udp" "1443:1443/tcp" ]; log-driver = "journald"; - extraOptions = [ - "--network-alias=headscale-derp" - "--network=headscale-default" - ]; - }; - systemd.services."docker-headscale-derp" = { - serviceConfig = { - Restart = lib.mkOverride 500 "always"; - }; - after = [ "docker-network-headscale-default.service" ]; - requires = [ "docker-network-headscale-default.service" ]; - partOf = [ "docker-compose-headscale-root.target" ]; - wantedBy = [ "docker-compose-headscale-root.target" ]; - }; - - # Networks - systemd.services."docker-network-headscale-default" = { - path = [ pkgs.docker ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStop = "${pkgs.docker}/bin/docker network rm -f headscale-default"; - }; - script = '' - docker network inspect headscale-default || docker network create headscale-default --opt isolate=true - ''; - partOf = [ "docker-compose-headscale-root.target" ]; - wantedBy = [ "docker-compose-headscale-root.target" ]; - }; - - # Root service - # When started, this will automatically create all resources and start - # the containers. When stopped, this will teardown all resources. - systemd.targets."docker-compose-headscale-root" = { - unitConfig = { - Description = "Root target generated by compose2nix."; - }; - wantedBy = [ "multi-user.target" ]; }; } diff --git a/nixos/hosts/osaka-linode-01/containers/derp.nix b/nixos/hosts/osaka-linode-01/containers/derp.nix index 24ea30ef..3f38fecd 100644 --- a/nixos/hosts/osaka-linode-01/containers/derp.nix +++ b/nixos/hosts/osaka-linode-01/containers/derp.nix @@ -1,5 +1,5 @@ # Auto-generated using compose2nix v0.1.7. -{ pkgs, lib, ... }: { +{ ... }: { services.cron = { enable = true; systemCronJobs = [ @@ -27,51 +27,5 @@ "1443:1443/tcp" ]; log-driver = "journald"; - extraOptions = [ - "--network-alias=headscale-derp" - "--network=headscale-default" - ]; - }; - systemd.services."docker-headscale-derp" = { - serviceConfig = { - Restart = lib.mkOverride 500 "always"; - }; - after = [ - "docker-network-headscale-default.service" - ]; - requires = [ - "docker-network-headscale-default.service" - ]; - partOf = [ - "docker-compose-headscale-root.target" - ]; - wantedBy = [ - "docker-compose-headscale-root.target" - ]; - }; - - # Networks - systemd.services."docker-network-headscale-default" = { - path = [ pkgs.docker ]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStop = "${pkgs.docker}/bin/docker network rm -f headscale-default"; - }; - script = '' - docker network inspect headscale-default || docker network create headscale-default --opt isolate=true - ''; - partOf = [ "docker-compose-headscale-root.target" ]; - wantedBy = [ "docker-compose-headscale-root.target" ]; - }; - - # Root service - # When started, this will automatically create all resources and start - # the containers. When stopped, this will teardown all resources. - systemd.targets."docker-compose-headscale-root" = { - unitConfig = { - Description = "Root target generated by compose2nix."; - }; - wantedBy = [ "multi-user.target" ]; }; }