diff --git a/hosts/aristotle/default.nix b/hosts/aristotle/default.nix index 113a6ff..63f7c6b 100644 --- a/hosts/aristotle/default.nix +++ b/hosts/aristotle/default.nix @@ -30,9 +30,6 @@ localsend ]; - networking.firewall.allowedTCPPorts = [53317]; - networking.firewall.allowedUDPPorts = [53317]; - programs.adb.enable = true; programs.anime-game-launcher.enable = true; programs.seahorse.enable = true; diff --git a/hosts/blacksteel/default.nix b/hosts/blacksteel/default.nix index 0e97551..e43a24b 100644 --- a/hosts/blacksteel/default.nix +++ b/hosts/blacksteel/default.nix @@ -47,7 +47,7 @@ }; ######## Services - environment.systemPackages = with pkgs; [qbittorrent]; + environment.systemPackages = with pkgs; [qbittorrent-nox]; services.tailscale = { enable = true; @@ -60,14 +60,11 @@ "6222a3e0-98da-4325-be19-0f86a7318a41" = { credentialsFile = config.sops.secrets."cloudflared/secret".path; default = "http_status:404"; - ingress = { - # TODO: is this safe? - # browser <-> cloudflare cdn <-> cloudflared <-> caddy <-> mastodon - # ^ no tls in this part? - "mastodon.ny4.dev" = "http://localhost:80"; - "matrix.ny4.dev" = "http://localhost:80"; - "syncv3.ny4.dev" = "http://localhost:80"; - }; + ingress = lib.genAttrs [ + "mastodon.ny4.dev" + "matrix.ny4.dev" + "syncv3.ny4.dev" + ] (_: "http://localhost"); }; }; }; diff --git a/hosts/dust/default.nix b/hosts/dust/default.nix index 837d962..bb8c312 100644 --- a/hosts/dust/default.nix +++ b/hosts/dust/default.nix @@ -27,13 +27,13 @@ environment.systemPackages = with pkgs; [ yubikey-manager - localsend ]; networking.firewall.allowedTCPPorts = [53317]; networking.firewall.allowedUDPPorts = [53317]; programs.adb.enable = true; + programs.localsend.enable = true; programs.seahorse.enable = true; programs.steam.enable = true; programs.kdeconnect = {