vno1-op5p: add tailscale and deployerbot-follower
This commit is contained in:
parent
ac69473a17
commit
b790d6a5f2
|
@ -52,13 +52,25 @@ in {
|
|||
};
|
||||
|
||||
services = {
|
||||
tailscale.enable = true;
|
||||
node_exporter.enable = true;
|
||||
};
|
||||
sshguard.enable = true;
|
||||
|
||||
services.postfix = {
|
||||
postfix = {
|
||||
enable = true;
|
||||
saslPasswdPath = config.age.secrets.sasl-passwd.path;
|
||||
};
|
||||
|
||||
deployerbot = {
|
||||
follower = {
|
||||
inherit (myData.hosts."vno1-oh2.servers.jakst") publicKey;
|
||||
|
||||
enable = true;
|
||||
sshAllowSubnets = [myData.subnets.tailscale.sshPattern];
|
||||
uidgid = myData.uidgid.updaterbot-deployee;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.pcscd.enable = true;
|
||||
|
|
Loading…
Reference in New Issue