Add garden and updates.

2024-12-23 11:20:27 -06:00 · 2024-12-23 11:20:27 -06:00 · dab0af910b
commit dab0af910b
parent 67823cbed6
14 changed files with 216 additions and 24 deletions
--- a/roles/caddy.nix
+++ b/roles/caddy.nix
@ -1,10 +1,20 @@
+{ config, pkgs, ... }:
+
 {
  services.caddy = {
    enable = true;
+    package = pkgs.callPackage ../pkgs/caddy.nix { };
    email = "nolan@thewordnerd.info";
  };
  networking.firewall.allowedTCPPorts = [
    80
    443
  ];
+  age.secrets.tsAuthKey = {
+    file = ../secrets/ts_auth_key.age;
+    owner = config.services.caddy.user;
+    group = config.services.caddy.group;
+    mode = "600";
+  };
+  systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.tsAuthKey.path;
 }
--- a/roles/fail2ban.nix
+++ b/roles/fail2ban.nix
@ -0,0 +1,6 @@
+{
+  services.fail2ban = {
+    enable = true;
+    ignoreIP = [ "192.168.0.0/16" ];
+  };
+}
--- a/roles/syncthing.nix
+++ b/roles/syncthing.nix
@ -0,0 +1,6 @@
+{
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+  };
+}