test
This commit is contained in:
parent
ca14a8ce6c
commit
ced197e765
5 changed files with 15 additions and 25 deletions
|
@ -11,9 +11,12 @@
|
|||
dockerSocket.enable = true;
|
||||
dockerCompat = true;
|
||||
autoPrune = {
|
||||
enable = true;
|
||||
dates = "weekly";
|
||||
flags = [ "--all" ];
|
||||
enable = true;
|
||||
dates = "weekly";
|
||||
flags = [ "--all" ];
|
||||
};
|
||||
defaultNetwork.settings = {
|
||||
dns_enabled = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -39,4 +39,5 @@
|
|||
networking.hostName = "milan-linode-01";
|
||||
|
||||
services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
|
||||
boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
|
||||
}
|
||||
|
|
|
@ -35,18 +35,10 @@
|
|||
serviceConfig = {
|
||||
Restart = lib.mkOverride 500 "always";
|
||||
};
|
||||
after = [
|
||||
"podman-network-headscale-default.service"
|
||||
];
|
||||
requires = [
|
||||
"podman-network-headscale-default.service"
|
||||
];
|
||||
partOf = [
|
||||
"podman-compose-headscale-root.target"
|
||||
];
|
||||
wantedBy = [
|
||||
"podman-compose-headscale-root.target"
|
||||
];
|
||||
after = [ "podman-network-headscale-default.service" ];
|
||||
requires = [ "podman-network-headscale-default.service" ];
|
||||
partOf = [ "podman-compose-headscale-root.target" ];
|
||||
wantedBy = [ "podman-compose-headscale-root.target" ];
|
||||
};
|
||||
|
||||
# Networks
|
||||
|
@ -60,7 +52,7 @@
|
|||
script = ''
|
||||
podman network inspect headscale-default || podman network create headscale-default --opt isolate=true
|
||||
'';
|
||||
partOf = [ "podman-compose-headscale-root.target" ];
|
||||
partOf = [ "podman-compose-headscale-root.target" ];
|
||||
wantedBy = [ "podman-compose-headscale-root.target" ];
|
||||
};
|
||||
|
||||
|
|
|
@ -38,9 +38,6 @@
|
|||
iifname "enp0s4" tcp dport 443 dnat to 10.100.0.2:443; # HTTPS
|
||||
iifname "enp0s4" tcp dport 42420 dnat to 10.100.0.2:42420; # Vintage Story
|
||||
iifname "enp0s4" tcp dport 25565 dnat to 10.100.0.2:25565; # Minecraft
|
||||
# iifname "enp0s4" tcp dport 1443 dnat to 10.100.0.2:1443; # Headscale DERP (tcp)
|
||||
# iifname "enp0s4" udp dport 3478 dnat to 10.100.0.2:3478; # Headscale DERP (udp)
|
||||
# iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000; # Headscale DERP (udp)
|
||||
iifname "enp0s4" tcp dport 4443 dnat to 10.100.0.2:4443; # Jitsi
|
||||
}
|
||||
}
|
||||
|
@ -62,9 +59,6 @@
|
|||
{ sourcePort = 443; proto = "tcp"; destination = "10.100.0.2:443"; } # HTTPS
|
||||
{ sourcePort = 42420; proto = "tcp"; destination = "10.100.0.2:42420"; } # Vintage Story
|
||||
{ sourcePort = 25565; proto = "tcp"; destination = "10.100.0.2:25565"; } # Minecraft
|
||||
# { sourcePort = 1443; proto = "tcp"; destination = "10.100.0.2:1443"; } # Headscale DERP (tcp)
|
||||
# { sourcePort = 3478; proto = "udp"; destination = "10.100.0.2:3478"; } # Headscale DERP (udp)
|
||||
# { sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; } # Headscale DERP (udp)
|
||||
{ sourcePort = 4443; proto = "tcp"; destination = "10.100.0.2:4443"; } # Jitsi
|
||||
];
|
||||
};
|
||||
|
|
|
@ -22,9 +22,9 @@
|
|||
serviceConfig = {
|
||||
Restart = lib.mkOverride 500 "always";
|
||||
};
|
||||
after = [ "podman-network-piaware-default.service" ];
|
||||
after = [ "podman-network-piaware-default.service" ];
|
||||
requires = [ "podman-network-piaware-default.service" ];
|
||||
partOf = [ "podman-compose-piaware-root.target" ];
|
||||
partOf = [ "podman-compose-piaware-root.target" ];
|
||||
wantedBy = [ "podman-compose-piaware-root.target" ];
|
||||
};
|
||||
|
||||
|
@ -39,7 +39,7 @@
|
|||
script = ''
|
||||
podman network inspect piaware-default || podman network create piaware-default --opt isolate=true
|
||||
'';
|
||||
partOf = [ "podman-compose-piaware-root.target" ];
|
||||
partOf = [ "podman-compose-piaware-root.target" ];
|
||||
wantedBy = [ "podman-compose-piaware-root.target" ];
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue