Remove Treafik Fail2Ban Configs. Fixes Issue 5

This commit is contained in:
albert 2024-09-12 19:17:27 +09:00
parent 823a096de7
commit c22d6bde86
Signed by: albert
GPG key ID: 3895DD267CA11BA9
3 changed files with 8 additions and 4 deletions

View file

@ -9,7 +9,9 @@
../../common/modules/ssh-luks.nix ../../common/modules/ssh-luks.nix
../../common/services/docker.nix ../../common/services/docker.nix
../../common/services/tailscale-autoconnect.nix ../../common/services/tailscale-autoconnect.nix
../../common/modules/fail2ban/traefik.nix # Disabling -- I don't know why but this all of a sudden breaks Headscale.
# Sep 12 2024
# ../../common/modules/fail2ban/traefik.nix
./containers.nix ./containers.nix
./disks.nix ./disks.nix
./wireguard.nix ./wireguard.nix

View file

@ -65,19 +65,21 @@
frontend http frontend http
mode http mode http
bind :80 bind :80
bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem # bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem
http-request redirect scheme https unless { ssl_fc } http-request redirect scheme https unless { ssl_fc }
default_backend backend_http default_backend backend_http
backend backend_http backend backend_http
mode http mode http
option forwardfor option forwardfor
option forwarded option forwarded
server framework-server 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host) # server framework-server 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
server framework-server 10.100.0.2
frontend tcp frontend tcp
mode tcp mode tcp
bind :25565 bind :25565
bind :4443 bind :4443
bind :443
default_backend backend_tcp default_backend backend_tcp
backend backend_tcp backend backend_tcp
mode tcp mode tcp

View file

@ -3,7 +3,7 @@
# Allow these hosts to directly communicate with their hostnames # Allow these hosts to directly communicate with their hostnames
networking.extraHosts = '' networking.extraHosts = ''
10.100.0.1 osaka-linode-01 10.100.0.1 osaka-linode-01
10.100.0.2 headscale.sysctl.io # 10.100.0.2 headscale.sysctl.io
10.100.0.3 backups-rpi4 10.100.0.3 backups-rpi4
10.100.0.4 frankfurt-linode-01 10.100.0.4 frankfurt-linode-01
''; '';