Compare commits
10 commits
e1c27e2e20
...
4eb9509ca9
Author | SHA1 | Date | |
---|---|---|---|
|
4eb9509ca9 | ||
|
e847d6b5d8 | ||
|
9a946eb90d | ||
|
0b0ba25216 | ||
|
f17523df6f | ||
|
a3779c77ad | ||
|
397aa53bd4 | ||
|
239d081e7c | ||
|
ae58feb8f7 | ||
|
bf82dbc158 |
3 changed files with 20 additions and 26 deletions
|
@ -1,6 +1,6 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = [ pkgs.gitea ];
|
||||
environment.systemPackages = [ pkgs.forgejo ];
|
||||
|
||||
users.users."gitea".openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLfc2MW5f4Qn1ifAjPPSTRjDST9Bpwn4M8pWvtYrlnY nixos@wsl@hermes"
|
||||
|
@ -29,8 +29,6 @@
|
|||
ROOT_URL = "https://git.bhankas.org";
|
||||
DOMAIN = "git.bhankas.org";
|
||||
COOKIE_SECURE = true;
|
||||
SSH_SERVER_USE_PROXY_PROTOCOL = true;
|
||||
# LOCAL_ROOT_URL
|
||||
SSH_DOMAIN = "ssh.bhankas.org";
|
||||
};
|
||||
repository = {
|
||||
|
@ -56,15 +54,6 @@
|
|||
;
|
||||
};
|
||||
};
|
||||
|
||||
"ssh.bhankas.org" = {
|
||||
addSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:22";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -73,10 +62,5 @@
|
|||
email = "admin@bhankas.org";
|
||||
dnsResolver = "1.1.1.1:53";
|
||||
};
|
||||
|
||||
"ssh.bhankas.org" = {
|
||||
email = "admin@bhankas.org";
|
||||
dnsResolver = "1.1.1.1:53";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -12,14 +12,24 @@
|
|||
GatewayPorts = "yes";
|
||||
UseDns = true;
|
||||
};
|
||||
listenAddresses = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 22;
|
||||
}
|
||||
{
|
||||
addr = "ssh.bhankas.org";
|
||||
port = 22;
|
||||
}
|
||||
];
|
||||
banner = ''
|
||||
___. ___.
|
||||
\_ |__ ____\_ |__ ____ ______
|
||||
| __ \_/ __ \| __ \ / _ \\____ \
|
||||
| \_\ \ ___/| \_\ ( <_> ) |_> >
|
||||
|___ /\___ >___ /\____/| __/
|
||||
\/ \/ \/ |__|
|
||||
'';
|
||||
___. ___.
|
||||
\_ |__ ____\_ |__ ____ ______
|
||||
| __ \_/ __ \| __ \ / _ \\____ \
|
||||
| \_\ \ ___/| \_\ ( <_> ) |_> >
|
||||
|___ /\___ >___ /\____/| __/
|
||||
\/ \/ \/ |__|
|
||||
'';
|
||||
};
|
||||
|
||||
fail2ban = {
|
||||
|
|
|
@ -50,9 +50,9 @@
|
|||
ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
"git.bhankas.org" = {
|
||||
"ssh.bhankas.org" = {
|
||||
user = "gitea";
|
||||
hostname = "git.bhankas.org";
|
||||
hostname = "ssh.bhankas.org";
|
||||
identityFile = [ "~/.ssh/id_ed25519" ];
|
||||
proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h";
|
||||
};
|
||||
|
|
Reference in a new issue