Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

l prism.r: use iptables for hackerfleet

Browse Source
This commit is contained in:
lassulus 2018-04-20 23:30:19 +02:00
parent b067850740
commit e77030e772
1 changed files with 7 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
lass/1systems/prism/config.nix
View File

@ -110,29 +110,13 @@ in {
};
# TODO write function for proxy_pass (ssl/nonssl)
services.nginx.virtualHosts."hackerfleet.de" = {
serverAliases = [
"*.hackerfleet.de"
];
locations."/".extraConfig = ''
proxy_pass http://192.168.122.92:80;
'';
};
services.nginx.virtualHosts."hackerfleet.de-s" = {
serverName = "hackerfleet.de";
listen = [
{
addr = "0.0.0.0";
port = 443;
}
];
serverAliases = [
"*.hackerfleet.de"
];
locations."/".extraConfig = ''
proxy_pass http://192.168.122.92:443;
'';
};
krebs.iptables.tables.filter.FORWARD.rules = [
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.PREROUTING.rules = [
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
];
}
{
users.users.tv = {