Remove Treafik Fail2Ban Configs. Fixes Issue 5
This commit is contained in:
parent
823a096de7
commit
c22d6bde86
3 changed files with 8 additions and 4 deletions
|
@ -9,7 +9,9 @@
|
||||||
../../common/modules/ssh-luks.nix
|
../../common/modules/ssh-luks.nix
|
||||||
../../common/services/docker.nix
|
../../common/services/docker.nix
|
||||||
../../common/services/tailscale-autoconnect.nix
|
../../common/services/tailscale-autoconnect.nix
|
||||||
../../common/modules/fail2ban/traefik.nix
|
# Disabling -- I don't know why but this all of a sudden breaks Headscale.
|
||||||
|
# Sep 12 2024
|
||||||
|
# ../../common/modules/fail2ban/traefik.nix
|
||||||
./containers.nix
|
./containers.nix
|
||||||
./disks.nix
|
./disks.nix
|
||||||
./wireguard.nix
|
./wireguard.nix
|
||||||
|
|
|
@ -65,19 +65,21 @@
|
||||||
frontend http
|
frontend http
|
||||||
mode http
|
mode http
|
||||||
bind :80
|
bind :80
|
||||||
bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem
|
# bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem
|
||||||
http-request redirect scheme https unless { ssl_fc }
|
http-request redirect scheme https unless { ssl_fc }
|
||||||
default_backend backend_http
|
default_backend backend_http
|
||||||
backend backend_http
|
backend backend_http
|
||||||
mode http
|
mode http
|
||||||
option forwardfor
|
option forwardfor
|
||||||
option forwarded
|
option forwarded
|
||||||
server framework-server 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
|
# server framework-server 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
|
||||||
|
server framework-server 10.100.0.2
|
||||||
|
|
||||||
frontend tcp
|
frontend tcp
|
||||||
mode tcp
|
mode tcp
|
||||||
bind :25565
|
bind :25565
|
||||||
bind :4443
|
bind :4443
|
||||||
|
bind :443
|
||||||
default_backend backend_tcp
|
default_backend backend_tcp
|
||||||
backend backend_tcp
|
backend backend_tcp
|
||||||
mode tcp
|
mode tcp
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# Allow these hosts to directly communicate with their hostnames
|
# Allow these hosts to directly communicate with their hostnames
|
||||||
networking.extraHosts = ''
|
networking.extraHosts = ''
|
||||||
10.100.0.1 osaka-linode-01
|
10.100.0.1 osaka-linode-01
|
||||||
10.100.0.2 headscale.sysctl.io
|
# 10.100.0.2 headscale.sysctl.io
|
||||||
10.100.0.3 backups-rpi4
|
10.100.0.3 backups-rpi4
|
||||||
10.100.0.4 frankfurt-linode-01
|
10.100.0.4 frankfurt-linode-01
|
||||||
'';
|
'';
|
||||||
|
|
Loading…
Reference in a new issue