Cleanup and minor changes

2025-01-11 23:57:50 -05:00
parent 1197820789
commit 562839d47d
5 changed files with 41 additions and 77 deletions
--- a/hosts/server/service.nix
+++ b/hosts/server/service.nix
@@ -5,8 +5,8 @@
 }: {
  networking.firewall = {
    enable = true;
-    allowedTCPPorts = [80 443 22 26615 25565 24454 8080 53];
-    allowedUDPPorts = [26615 25565 24454 8080 53];
+    allowedTCPPorts = [80 443 22];
+    allowedUDPPorts = [];
  };

  security.acme = {
@@ -37,46 +37,6 @@
      package = pkgs.ollama-intel;
    };

-    crab-hole = {
-      enable = true;
-      settings = {
-        api = {
-          listen = "192.168.0.2";
-          port = 8080;
-          show_doc = true;
-        };
-        downstream = [
-          {
-            listen = "192.168.0.2";
-            port = 53;
-            protocol = "udp";
-          }
-        ];
-        upstream = {
-          name_servers = [
-            {
-              protocol = "tls";
-              socket_addr = "[2606:4700:4700::1111]:853";
-              tls_dns_name = "1dot1dot1dot1.cloudflare-dns.com";
-              trust_nx_responses = false;
-            }
-            {
-              protocol = "tls";
-              socket_addr = "1.1.1.1:853";
-              tls_dns_name = "1dot1dot1dot1.cloudflare-dns.com";
-              trust_nx_responses = false;
-            }
-          ];
-        };
-        blocklist.lists = [
-          "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
-          "https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
-          "https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt"
-          "https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt"
-        ];
-      };
-    };
-
    gitea = {
      enable = true;
      settings = {
@@ -114,7 +74,7 @@
        http = {
          use_x_forwarded_for = "true";
          trusted_proxies = ["127.0.0.1"];
-          server_port = 8003;
+          server_port = 8002;
        };
      };
    };
@@ -135,7 +95,7 @@
    searx = {
      enable = true;
      settings = {
-        server.port = 8005;
+        server.port = 8003;
        server.secret_key = "secretlol";
        search.formats = ["html" "json"];
      };
@@ -191,29 +151,20 @@
          };
        };

-        "srx.dhilton.xyz" = {
-          forceSSL = true;
-          enableACME = true;
-          locations."/" = {
-            proxyPass = "http://127.0.0.1:8005";
-            proxyWebsockets = true;
-          };
-        };
-
        "hom.dhilton.xyz" = {
          forceSSL = true;
          enableACME = true;
          locations."/" = {
-            proxyPass = "http://127.0.0.1:8003";
+            proxyPass = "http://127.0.0.1:8002";
            proxyWebsockets = true;
          };
        };

-        "map.dhilton.xyz" = {
+        "srx.dhilton.xyz" = {
          forceSSL = true;
          enableACME = true;
          locations."/" = {
-            proxyPass = "http://127.0.0.1:8100";
+            proxyPass = "http://127.0.0.1:8003";
            proxyWebsockets = true;
          };
        };