vno1-op5p: add tailscale and deployerbot-follower

This commit is contained in:
Motiejus Jakštys 2024-03-10 16:05:47 +02:00
parent ac69473a17
commit b790d6a5f2

View File

@ -52,12 +52,24 @@ in {
}; };
services = { services = {
tailscale.enable = true;
node_exporter.enable = true; node_exporter.enable = true;
}; sshguard.enable = true;
services.postfix = { postfix = {
enable = true; enable = true;
saslPasswdPath = config.age.secrets.sasl-passwd.path; saslPasswdPath = config.age.secrets.sasl-passwd.path;
};
deployerbot = {
follower = {
inherit (myData.hosts."vno1-oh2.servers.jakst") publicKey;
enable = true;
sshAllowSubnets = [myData.subnets.tailscale.sshPattern];
uidgid = myData.uidgid.updaterbot-deployee;
};
};
}; };
}; };