deploy wireguard

2026-02-18 23:04:21 +01:00 · 2026-02-18 23:04:21 +01:00 · e097126817
commit e097126817
parent a47d096503
7 changed files with 84 additions and 202 deletions
--- a/hosts/nixos/nfss/proxy.nix
+++ b/hosts/nixos/nfss/proxy.nix
@ -1,67 +0,0 @@
-{ config, ... }:
-
-{
-  # Traefik dynamic configuration for vps host
-  services.traefik.dynamic.files."proxy".settings = {
-    http = {
-      serversTransports = {
-        longTimeout = {
-          forwardingTimeouts = {
-            dialTimeout = "30s";
-            responseHeaderTimeout = "1200s";
-            idleConnTimeout = "1200s";
-          };
-        };
-      };
-
-      routers = {
-
-        deluge = {
-          rule = "Host(`deluge.home.yanlincs.com`)";
-          service = "deluge";
-          tls = {
-            certResolver = "cloudflare";
-            domains = [{
-              main = "*.home.yanlincs.com";
-            }];
-          };
-        };
-
-        photo = {
-          rule = "Host(`photo.home.yanlincs.com`)";
-          service = "photo";
-          tls = {
-            certResolver = "cloudflare";
-            domains = [{
-              main = "*.home.yanlincs.com";
-            }];
-          };
-        };
-
-      };
-
-      services = {
-
-        deluge = {
-          loadBalancer = {
-            servers = [{
-              url = "http://127.0.0.1:8112";
-            }];
-          };
-        };
-
-        photo = {
-          loadBalancer = {
-            serversTransport = "longTimeout";
-            servers = [{
-              url = "http://127.0.0.1:8080";
-            }];
-          };
-        };
-
-      };
-
-    };
-
-  };
-}
--- a/hosts/nixos/nfss/system.nix
+++ b/hosts/nixos/nfss/system.nix
@ -4,11 +4,9 @@
  imports = [
    ./hardware-configuration.nix
    ./containers.nix
-    ./proxy.nix
    ../system-default.nix
-    ../../../modules/vpn/tailscale.nix
+    ../../../modules/vpn/wireguard.nix
    ../../../modules/podman.nix
-    ../../../modules/traefik.nix
    ../../../modules/borg/client.nix
    ../../../modules/media/server.nix
    ../../../modules/file-server/samba.nix
@ -132,9 +130,14 @@
    };
  };

-  services.tailscale-custom = {
-    exitNode = true;
-    subnetRoutes = [ "10.1.1.0/24" ];
+  services.wireguard-custom = {
+    enable = true;
+    mode = "client";
+    clientConfig = {
+      address = "10.2.2.10/24";
+      serverPublicKey = "46QHjSzAas5g9Hll1SCEu9tbR5owCxXAy6wGOUoPwUM=";
+      serverEndpoint = "91.98.84.215:51820";
+    };
  };

  # Media server services