chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2024-10-23 11:08:44 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix frp tls cert

Browse Source
This commit is contained in:
陈浩南 2023-08-07 21:30:05 +08:00
parent f0be22d66a
commit 288a7ace2f
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
modules/services/default.nix
View File

@ -529,8 +529,8 @@ inputs:
bind_port = 7000;
bind_udp_port = 7000;
token = inputs.config.sops.placeholder."frp/token";
tls_cert_file = "${cert}/fullchain.pem";
tls_key_file = "${cert}/privkey.pem";
tls_cert_file = "${cert}/full.pem";
tls_key_file = "${cert}/key.pem";
tls_only = true;
user_conn_timeout = 30;
};
@ -541,6 +541,7 @@ inputs:
nixos.services.acme = { enable = true; certs = [ services.frpServer.serverName ]; };
security.acme.certs.${services.frpServer.serverName}.group = "frp";
users = { users.frp = { isSystemUser = true; group = "frp"; }; groups.frp = {}; };
networking.firewall.allowedTCPPorts = [ 7000 ];
}
)
];