53 lines
1 KiB
Nix
53 lines
1 KiB
Nix
{ config, lib, ... }:
|
|
{
|
|
config = {
|
|
sops = {
|
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
defaultSopsFile = ./secrets/secrets.yaml;
|
|
secrets = {
|
|
wg_private_key = {
|
|
owner = "root";
|
|
sopsFile = ./secrets + "/${config.networking.hostName}.yaml";
|
|
};
|
|
wg_ipv6_local_addr = {
|
|
owner = "root";
|
|
sopsFile = ./secrets + "/${config.networking.hostName}.yaml";
|
|
};
|
|
};
|
|
};
|
|
swapDevices = [
|
|
{
|
|
device = "/swapfile";
|
|
size = 2 * 1024;
|
|
}
|
|
];
|
|
|
|
custom.prometheus.exporters = {
|
|
enable = true;
|
|
node.enable = true;
|
|
blackbox.enable = true;
|
|
v2ray.enable = true;
|
|
};
|
|
|
|
custom.monitoring = {
|
|
promtail.enable = true;
|
|
};
|
|
|
|
services.tailscale.enable = true;
|
|
|
|
commonSettings = {
|
|
auth.enable = true;
|
|
comin.enable = true;
|
|
proxyServer = {
|
|
enable = true;
|
|
users = [
|
|
"wyj"
|
|
"yhb"
|
|
"xin"
|
|
"zx"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
}
|