SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 16:21:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

crowdsec: Fix bouncer option

Browse source
This commit is contained in:
SebastianStork 2025-09-10 23:39:27 +02:00
parent eff300b055
commit e23111b6d7
2 changed files with 12 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/srv-public/default.nix
View file

@ -29,7 +29,7 @@
sshd = true; sshd = true;
caddy = true; caddy = true;
}; };
bouncer.firewall = true; bouncers.firewall = true;
}; };
forgejo = { forgejo = {

20
modules/system/services/crowdsec.nix
View file

@ -11,9 +11,9 @@ let
user = config.users.users.crowdsec.name; user = config.users.users.crowdsec.name;
in in
{ {
imports = [ imports = with inputs.crowdsec.nixosModules; [
inputs.crowdsec.nixosModules.crowdsec crowdsec
inputs.crowdsec.nixosModules.crowdsec-firewall-bouncer crowdsec-firewall-bouncer
]; ];
options.custom.services.crowdsec = { options.custom.services.crowdsec = {
@ -31,7 +31,7 @@ in
caddy = lib.mkEnableOption ""; caddy = lib.mkEnableOption "";
sshd = lib.mkEnableOption ""; sshd = lib.mkEnableOption "";
}; };
bouncer.firewall = lib.mkEnableOption ""; bouncers.firewall = lib.mkEnableOption "";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
@ -77,7 +77,7 @@ in
]; ];
}; };
crowdsec-firewall-bouncer = { crowdsec-firewall-bouncer = lib.mkIf cfg.bouncers.firewall {
enable = true; enable = true;
package = inputs.crowdsec.packages.${pkgs.system}.crowdsec-firewall-bouncer; package = inputs.crowdsec.packages.${pkgs.system}.crowdsec-firewall-bouncer;
settings = { settings = {
@ -120,9 +120,11 @@ in
fi fi
''; '';
in in
lib.mkAfter [ lib.mkAfter (
collectionsScript lib.concatLists [
bouncerScript (lib.singleton collectionsScript)
]; (lib.optional cfg.bouncers.firewall bouncerScript)
]
);
}; };
} }