SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 11:41:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

vps-monitor: Only allow writes to ntfy over vpn

Browse source
This commit is contained in:
SebastianStork 2026-01-15 22:21:25 +01:00
parent d73e3744a8
commit 9299842ce0
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/vps-monitor/default.nix
View file

@ -40,6 +40,14 @@
nebula.enable = true;
sshd.enable = true;
dns.enable = true;
caddy.virtualHosts."alerts.sprouted.cloud" = {
inherit (config.custom.web-services.ntfy) port;
extraConfig = ''
@putpost method PUT POST
respond @putpost "Access denied" 403 { close }
'';
};
};
web-services =
@ -59,7 +67,7 @@
ntfy = {
enable = true;
domain = "alerts.sprouted.cloud";
domain = "alerts.${privateDomain}";
};
grafana = {