dotfiles/nixos-config
1
0
Fork 0
mirror of https://github.com/srid/nixos-config.git synced 2026-02-22 12:55:20 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add nix-serve-ng behind Cloudflare Tunnel (#98)

Browse source
This commit is contained in:
Sridhar Ratnakumar 2025-10-01 12:37:10 -04:00 committed by GitHub
parent 04c6b3c1e1
commit 381a661586
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 73 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
configurations/nixos/pureintent/default.nix
View file

@ -12,6 +12,7 @@ in
./configuration.nix
(self + /modules/nixos/linux/eternal-terminal.nix)
(self + /modules/nixos/shared/github-runner.nix)
inputs.nix-serve-cloudflared.nixosModules.default
];
home-manager.sharedModules = [
@ -27,6 +28,28 @@ in
}
];
# Cache key: cache.srid.ca:EGydqsWFaTZeW6vsXnOHclTXrmJ58gq/bkVYhRpuzQ8=
age.secrets."nix-serve-cloudflared/cache-key.pem" = {
file = self + /secrets/nix-serve-cloudflared/cache-key.pem.age;
mode = "0400";
};
age.secrets."nix-serve-cloudflared/cloudflared-credentials.json" = {
file = self + /secrets/nix-serve-cloudflared/cloudflared-credentials.json.age;
mode = "0400";
};
services.nix-serve-cloudflared = {
enable = true;
secretKeyFile = config.age.secrets."nix-serve-cloudflared/cache-key.pem".path;
cloudflare = {
tunnelId = "55569b77-5482-47c7-bf25-53d93b64d0c8";
credentialsFile = config.age.secrets."nix-serve-cloudflared/cloudflared-credentials.json".path;
domain = "cache.srid.ca";
};
};
nix.settings.sandbox = "relaxed";
services.openssh.enable = true;