refactor(attic): move headscale from mx to attic
Headscale is moving off the mx mailserver onto the attic cache host. The new public URL is https://headscale.hoyer.world. - Switch from useACMEHost = "hoyer.xyz" (mx wildcard DNS-01) to enableACME = true, since attic only has HTTP-01 configured. - Move headscale port to 8081 to avoid clashing with atticd on 8080. - Drop the 192.168.178.254 LAN nameserver from dns.nameservers.global, which isn't reachable from the Hetzner instance. Operational steps still required on attic: - Provision /var/lib/headscale/client_secret - Migrate the headscale state DB from mx - Point headscale.hoyer.world DNS at attic - Update the Nextcloud OIDC client's redirect URI
This commit is contained in:
parent
1094facb1e
commit
12c25bcde8
3 changed files with 4 additions and 5 deletions
|
|
@ -6,6 +6,7 @@
|
|||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./atticd.nix
|
||||
./headscale.nix
|
||||
];
|
||||
|
||||
metacfg = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue