infra/machines/rigel/networking.nix
kurogeek 7e113ed2af mob next [ci-skip] [ci skip] [skip ci]
2025-10-20 17:45:33 +07:00


let
# Name of the interface that is given the static 192.168.254.1/24 address
# below and that dnsmasq is restricted to via its `interface` setting.
ata-interface = "enp2s0";
in
{
# clan.core.vars.generators.networking.files.ata-interface.secret = false;
# Static addressing for the interface named by `ata-interface`: no DHCP client,
# one fixed IPv4 address. 192.168.254.1 is also the gateway that dnsmasq
# advertises to its DHCP clients (dhcp-option 3).
networking.interfaces.${ata-interface} = {
  useDHCP = false;
  ipv4.addresses = [
    {
      address = "192.168.254.1";
      prefixLength = 24;
    }
  ];
};
# dnsmasq provides DHCP and DNS forwarding for the 192.168.254.0/24 segment.
services.dnsmasq.enable = true;
services.dnsmasq.settings = {
  # Serve only on the `ata-interface` device, and bind to it explicitly
  # instead of listening on the wildcard address.
  interface = [ ata-interface ];
  bind-interfaces = true;

  # Upstream resolvers for forwarded queries.
  server = [
    "1.1.1.1"
    "8.8.8.8"
  ];
  # Do not forward plain names (no dots) to the upstream resolvers.
  domain-needed = true;
  domain = "localhost";

  # Lease pool .10-.240 with a 24h lease time.
  dhcp-range = [ "192.168.254.10,192.168.254.240,255.255.255.0,24h" ];
  # DHCP option 3 = default gateway, option 6 = DNS servers.
  # NOTE(review): option 6 hands clients 8.8.8.8/8.8.4.4 directly, so they
  # would not query this dnsmasq instance for DNS. If local resolution or
  # query logging on this host is intended, advertise 192.168.254.1 instead.
  # Confirm which is wanted.
  dhcp-option = [
    "3,192.168.254.1"
    "6,8.8.8.8,8.8.4.4"
  ];
};
# Traefik reverse proxy: listens on :80 and :443 and forwards to the single
# backend at 192.168.254.96.
services.traefik =
  let
    # Both entry points share these timeouts. A writeTimeout of "0" disables
    # the write timeout and readTimeout allows a request to take up to an hour.
    # NOTE(review): presumably chosen for long transfers. It also lets slow
    # clients hold connections open for a long time; confirm this is required.
    respondingTimeouts = {
      readTimeout = "3600s";
      writeTimeout = "0";
      idleTimeout = "300s";
    };
  in
  {
    enable = true;

    staticConfigOptions = {
      global = {
        checkNewVersion = false;
        sendAnonymousUsage = false;
      };

      # NOTE(review): DEBUG logging is verbose. Confirm it is still wanted
      # outside troubleshooting, and that the log file is rotated and readable
      # only by the accounts that need it.
      log.level = "DEBUG";
      log.filePath = "/data/traefik/traefik.log";

      # NOTE(review): this turns off certificate verification for TLS
      # connections from Traefik to backends. The only backend defined in this
      # file is plain http://, so nothing here depends on it. If an https://
      # backend is added, trust its CA (serversTransport.rootCAs) rather than
      # skipping verification.
      serversTransport.insecureSkipVerify = true;

      entryPoints.web = {
        address = ":80";
        transport.respondingTimeouts = respondingTimeouts;
      };
      entryPoints.websecure = {
        address = ":443";
        transport.respondingTimeouts = respondingTimeouts;
      };
    };

    dynamicConfigOptions.http = {
      # These middlewares are defined but not attached to any router in this
      # file.
      middlewares = {
        redirect-to-https.redirectscheme = {
          scheme = "https";
          permanent = true;
        };
        redirect-to-www.redirectregex = {
          permanent = true;
          regex = "^https?://(?:www\\.)?(.+)";
          replacement = "https://www.\${1}";
        };
      };

      # NOTE(review): the router has an empty rule and sets no entryPoints,
      # tls or middlewares, so the HTTPS redirect above is not applied to it.
      # Confirm how the deployed Traefik version handles an empty rule and
      # whether plain-HTTP access to the backend is intended.
      routers.ata-web = {
        rule = "";
        service = "ata-web";
      };
      services.ata-web.loadBalancer.servers = [ { url = "http://192.168.254.96"; } ];
    };
  };
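# Firewall openings, scoped to where each service actually listens.
networking.firewall = {
  # Traefik's entry points are ":80" and ":443" (no address restriction), so
  # these two ports stay open on every interface.
  allowedTCPPorts = [
    80
    443
  ];
  # dnsmasq is bound to the `ata-interface` device only (bind-interfaces plus
  # `interface`), so DNS (53/udp, 53/tcp) and DHCP (67/udp) are opened on that
  # interface alone instead of on every interface of the host.
  interfaces.${ata-interface} = {
    allowedUDPPorts = [
      53
      67
    ];
    allowedTCPPorts = [ 53 ];
  };
};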
}