44 lines
1.3 KiB
Nix
44 lines
1.3 KiB
Nix
{ ... }:
|
|
|
|
{
|
|
imports = [
|
|
../common.nix
|
|
../../services/openssh.nix
|
|
../../services/nginx.nix
|
|
./nginx.nix
|
|
./synapse.nix
|
|
./draupnir.nix
|
|
];
|
|
|
|
networking = {
|
|
hostName = "matrix";
|
|
firewall = {
|
|
allowedTCPPorts = [
|
|
80 # HTTP/1
|
|
443 # HTTP/2
|
|
#8448 # Matrix federation
|
|
];
|
|
allowedUDPPorts = [
|
|
443 # HTTP/3
|
|
];
|
|
extraInputRules = ''
|
|
ip saddr 195.160.173.14/32 tcp dport 9009 accept comment "Allow monitoring to scrape"
|
|
ip6 saddr 2001:678:760:cccb::14/128 tcp dport 9009 accept comment "Allow monitoring to scrape"
|
|
'';
|
|
};
|
|
};
|
|
|
|
services = {
|
|
openssh.banner = ''
|
|
__ __
|
|
/\ \__ __ /\ \
|
|
___ ___ __ \ \ ,_\ _ __ /\_\ __ _ ___ ___ ___\ \ \____
|
|
/' __` __`\ /'__`\ \ \ \/ /\`'__\/\ \ /\ \/'\ /'___\ /'___\ /'___\ \ '__`\
|
|
/\ \/\ \/\ \/\ \L\.\_\ \ \_\ \ \/ \ \ \\/> </ /\ \__//\ \__//\ \__/\ \ \L\ \
|
|
\ \_\ \_\ \_\ \__/.\_\\ \__\\ \_\ \ \_\/\_/\_\ \ \____\ \____\ \____\\ \_,__/
|
|
\/_/\/_/\/_/\/__/\/_/ \/__/ \/_/ \/_/\//\/_/ \/____/\/____/\/____/ \/___/
|
|
'';
|
|
};
|
|
|
|
system.stateVersion = "25.05";
|
|
}
|