mirror of
https://github.com/anotherhadi/nixy.git
synced 2026-04-02 19:12:11 +02:00
34 lines
846 B
Nix
34 lines
846 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
sops.secrets.cloudflared-token.mode = "0400";
|
|
|
|
# To setup cloudflared, run
|
|
# cloudflared tunnel login
|
|
# cloudflared tunnel create JackTunnel
|
|
# This will create a credentials file & give you the tunnel ID to use below.
|
|
services.cloudflared = {
|
|
enable = true;
|
|
tunnels."f7c8f777-a36c-4b9a-b6e3-6a112bd43e73" = {
|
|
credentialsFile = config.sops.secrets."cloudflared-token".path;
|
|
default = "http_status:404";
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
cloudflared
|
|
];
|
|
|
|
# At the moment (2025), for support of browser rendering of the tunnels, this line is required:
|
|
services.openssh.settings.Macs = [
|
|
# Current defaults:
|
|
"hmac-sha2-512-etm@openssh.com"
|
|
"hmac-sha2-256-etm@openssh.com"
|
|
"umac-128-etm@openssh.com"
|
|
# Added:
|
|
"hmac-sha2-256"
|
|
];
|
|
}
|