application du template
This commit is contained in:
@@ -1,13 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkIf mkMerge;
|
||||
profiles = config.r6d.profiles;
|
||||
inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
in
|
||||
|
||||
mkIf cfg.nix-serve-client {
|
||||
|
||||
nix = {
|
||||
# Cache http pour le store
|
||||
requireSignedBinaryCaches = false;
|
||||
|
||||
@@ -1,12 +1,27 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with pkgs.lib;
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
in {
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
in
|
||||
|
||||
mkIf cfg.nix-serve-server {
|
||||
|
||||
# Cache http pour le store
|
||||
|
||||
services.nix-serve.enable = cfg.nix-serve-server;
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.nix-serve-server [ 5000 ];
|
||||
# Services
|
||||
services.nix-serve = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
# Réseau
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
5000
|
||||
];
|
||||
allowedUDPPorts = [
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
@@ -1,17 +1,20 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with pkgs.lib;
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
|
||||
ignoreip = "pedro.dubronetwork.fr cube.dubronetwork.fr voyage.prunetwork.fr xray.prunetwork.fr 192.168.0.0/16 172.16.0.0/16";
|
||||
destemail = "admins@dubronetwork.fr";
|
||||
in
|
||||
|
||||
mkIf cfg.fail2ban {
|
||||
|
||||
in {
|
||||
# Gestion de fail2ban
|
||||
|
||||
services = mkIf cfg.fail2ban {
|
||||
# Services
|
||||
services = {
|
||||
fail2ban = {
|
||||
enable = true;
|
||||
jails = {
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with pkgs.lib;
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
|
||||
# Dubronetwork
|
||||
|
||||
@@ -1,4 +1,11 @@
|
||||
{ config, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
#inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
in
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
||||
@@ -1,6 +1,14 @@
|
||||
{ config, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkIf mkMerge mkThenElse;
|
||||
cfg = config.r6d.config-generator;
|
||||
computers = config.r6d.computers;
|
||||
profiles = config.r6d.profiles;
|
||||
in
|
||||
|
||||
mkIf true {
|
||||
|
||||
{
|
||||
# Définition des domaines utilisés lorsque un identifiant non-FQDN est donné (ping, nslookup)
|
||||
networking = {
|
||||
search = [
|
||||
|
||||
Reference in New Issue
Block a user