etorres/nixos
0
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

hosts: enable crowdsec-firewall-bouncer module for web-exposed hosts

Browse Source
This commit is contained in:
Eric Torres
2025-10-18 22:48:16 -07:00
parent 3199b45957
commit b2d590a899
3 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/hel-01/default.nix
View File

@@ -29,6 +29,10 @@
qemu.enable = true;
spice.enable = true;
crowdsec-firewall-bouncer = {
enable = true;
};
base.userSSHKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF3oNF68M+TaN8LB+jQH9hFaW3vpR3i54UiVRPqJxyAN etorres@xenon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIISjU0h15s29Ir6ANHNujlOO0/7+bGvkpbpN6WzVhgW6 etorres@radon"

4
hosts/lax-01/default.nix
View File

@@ -52,6 +52,10 @@
};
ntfy.enable = true;
crowdsec-firewall-bouncer = {
enable = true;
};
crowdsec-traefik-bouncer = {
enable = true;
lapiKeyFile = config.sops.secrets."crowdsec/lapiKey".path;

4
hosts/nbg-01/default.nix
View File

@@ -36,6 +36,10 @@
};
};
crowdsec-firewall-bouncer = {
enable = true;
};
crowdsec-traefik-bouncer = {
enable = true;
lapiKeyFile = config.sops.secrets."crowdsec/lapiKey".path;