home/nixos-servers
home/nixos-servers
Archived
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

let nix manage firewall

Browse source 
closes #20
This commit is contained in:
Pim Kunis 2023-12-26 13:44:59 +01:00
parent 5a2f4d4696
commit 4278db3000
3 changed files with 16 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/custom/k3s/default.nix
View file

@ -15,9 +15,13 @@ in {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.k3s ];
services.k3s.enable = true;
services.k3s.role = "server";
services.k3s.extraFlags = "--tls-san ${config.networking.fqdn} --data-dir ${config.custom.dataDisk.mountPoint}/k3s";
networking.firewall.allowedTCPPorts = [ 6443 ];
services.k3s = {
enable = true;
role = "server";
extraFlags = "--tls-san ${config.networking.fqdn} --data-dir ${config.custom.dataDisk.mountPoint}/k3s";
};
system.activationScripts.k3s-bootstrap.text =
let