chore(revert): slowly introducing changes

feat(authentik): fixing some fail2ban things
2025-10-05 09:27:51 +02:00 · 2025-10-02 05:45:35 +02:00
6 changed files with 36 additions and 23 deletions
--- a/hosts/kima/modules.nix
+++ b/hosts/kima/modules.nix
@@ -216,7 +216,7 @@
        flags = "--performance";
      };
      tailscale = {
-        enable = true;
+        enable = false;
      };
      udisks = {
        enable = true;
--- a/hosts/sobotka/modules.nix
+++ b/hosts/sobotka/modules.nix
@@ -214,7 +214,7 @@
        flags = "--performance";
      };
      tailscale = {
-        enable = true;
+        enable = false;
      };
      udisks = {
        enable = true;
--- a/hosts/sobotka/server.nix
+++ b/hosts/sobotka/server.nix
@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
 {
  server = {
    enable = true;
    email = "adam@cnst.dev";
@@ -43,6 +44,10 @@
    };
    jellyfin = {
      enable = true;
      cloudflared = {
        tunnelId = "234811e2-bc86-44b2-9abd-493686e25704";
        credentialsFile = config.age.secrets.jellyfinCloudflared.path;
      };
    };
    uptime-kuma = {
      enable = true;
@@ -89,7 +94,7 @@
      gluetun.enable = true;
      qbittorrent = {
        enable = true;
-        port = 8080;
+        port = 8387;
      };
      slskd = {
        enable = true;
--- a/modules/server/authentik/default.nix
+++ b/modules/server/authentik/default.nix
@@ -4,11 +4,13 @@
  pkgs,
  self,
  ...
-}: let
+}:
 let
  unit = "authentik";
  cfg = config.server.${unit};
  srv = config.server;
-in {
+in
 {
  options.server.${unit} = {
    enable = lib.mkEnableOption {
      description = "Enable ${unit}";
@@ -53,11 +55,9 @@ in {
    age.secrets = {
      authentikEnv = {
        file = "${self}/secrets/authentikEnv.age";
        owner = "authentik";
      };
      authentikCloudflared = {
        file = "${self}/secrets/authentikCloudflared.age";
        owner = "authentik";
      };
    };
@@ -99,22 +99,23 @@ in {
            middlewares = {
              authentik = {
                forwardAuth = {
-                  tls.insecureSkipVerify = true;
+                  # tls.insecureSkipVerify = true;
                  address = "https://localhost:9443/outpost.goauthentik.io/auth/traefik";
                  trustForwardHeader = true;
                  authResponseHeaders = [
                    "X-authentik-username"
                    "X-authentik-groups"
                    "X-authentik-email"
-                    "X-authentik-name"
+                    # "X-authentik-name"
-                    "X-authentik-uid"
+                    # "X-authentik-uid"
                    "X-authentik-jwt"
-                    "X-authentik-meta-jwks"
+                    # "X-authentik-meta-jwks"
-                    "X-authentik-meta-outpost"
+                    # "X-authentik-meta-outpost"
-                    "X-authentik-meta-provider"
+                    # "X-authentik-meta-provider"
-                    "X-authentik-meta-app"
+                    # "X-authentik-meta-app"
-                    "X-authentik-meta-version"
+                    # "X-authentik-meta-version"
                  ];
                  timeout = "10s";
                };
              };
            };
--- a/modules/server/www/default.nix
+++ b/modules/server/www/default.nix
@@ -4,11 +4,18 @@
  pkgs,
  self,
  ...
-}: let
+}:
-  inherit (lib) mkOption mkEnableOption mkIf types;
+let
  inherit (lib)
    mkOption
    mkEnableOption
    mkIf
    types
    ;
  cfg = config.server.www;
  srv = config.server;
-in {
+in
 {
  options.server.www = {
    enable = mkEnableOption {
      description = "Enable personal website";
--- a/users/cnst/modules/kimamod.nix
+++ b/users/cnst/modules/kimamod.nix
@@ -11,7 +11,7 @@
        enable = true;
      };
      chromium = {
-        enable = true;
+        enable = false;
      };
      discord = {
        enable = true;
Author	SHA1	Message	Date
cnst	c9edc99a85	chore(revert): slowly introducing changes	2025-10-05 09:27:51 +02:00
cnst	67e83e3e4e	feat(authentik): fixing some fail2ban things	2025-10-02 05:45:35 +02:00