diff options
Diffstat (limited to 'defaults')
-rw-r--r-- | defaults | 49 |
1 files changed, 44 insertions, 5 deletions
@@ -1,17 +1,56 @@ bashtard.backup.elements.0=filesystem bashtard.backup.fs.paths.0=/etc bashtard.backup.repositories.edephas=backup@edephas:{fqdn} -k3s.network.cidr.pods=10.57.40.0/20 -k3s.network.cidr.svcs=10.57.48.0/20 -k3s.network.service.dns=10.57.48.53 -k3s.flux.repo.url=ssh://git@10.57.100.7/srv/git/tyilnet dns.domain=tyil.net dns.upstream.0=185.181.61.24 dns.upstream.1=188.68.231.82 dns.upstream.2=51.83.172.84 dns.upstream.3=2a03:94e0:1804::1 dns.upstream.4=2001:470:71:6dc::53 +etc-nixos.path=/etc/nixos +etc-portage.path=/etc/portage +k3s-master.cluster-domain=k3s.tyil.nl +k3s-master.helm.apps.certmanager.chart=jetstack/cert-manager +k3s-master.helm.apps.certmanager.namespace=base-system +k3s-master.helm.apps.certmanager.values=certmanager.yaml +k3s-master.helm.repos.jetstack.url=https://charts.jetstack.io +k3s-master.service-node-port-min=1025 +k3s-node.cluster-domain=k3s.tyil.nl +k3s-node.entry.host=10.57.101.1 +k3s-node.service-node-port-min=1025 +k8s-master.flags.control-plane-endpoint=k8s.tyil.nl +k8s-master.flags.pod-network-cidr=fd68:1058:1992:8888::0/64 +k8s-master.flags.service-cidr=fd68:1058:1992:3381::80:0/108 +k8s-master.flags.service-dns-domain=k8s.tyil.nl +k8s-node.master.address=k8s.tyil.nl +k8s-node.node-ip&=vpn-wireguard.ipv6 +nftables.input.icmp.ipv4.policy=accept +nftables.input.icmp.ipv4.rate=2/second +nftables.input.icmp.ipv6.policy=accept +nftables.input.icmp.ipv6.rate=2/second +nftables.input.interfaces.lo.policy=accept +nftables.input.interfaces.tyilnet.policy=accept +nftables.input.interfaces.tyilnet1058.policy=accept +nftables.input.policy=drop +nftables.input.rules.mosh.policy=accept +nftables.input.rules.mosh.port=60000-61000 +nftables.input.rules.mosh.proto=udp +nftables.input.rules.ssh.policy=accept +nftables.input.rules.ssh.port=22 +nftables.input.rules.ssh.proto=tcp +nftables.input.rules.tincd.policy=accept +nftables.input.rules.tincd.port=655 +nftables.input.rules.tincd.proto=tcp,udp +nftables.input.rules.wireguard.policy=accept +nftables.input.rules.wireguard.port=51820 +nftables.input.rules.wireguard.proto=udp +nftables.input.state.established.policy=accept +nftables.input.state.invalid.policy=drop +nftables.input.state.related.policy=accept +seaweedfs-master.replication=100 +vpn-tinc.name=tyilnet +vpn-wireguard.interface=tyilnet1058 +vpn-wireguard.keepalive=10 www-blog.generator=hugo www-blog.path=/var/www/nl.tyil.www www-blog.repository=https://git.tyil.nl/blog -vpn-tinc.name=tyilnet |