26 lines
620 B
Nix
26 lines
620 B
Nix
|
{ config, lib, ... }: {
|
||
|
sops.secrets = {
|
||
|
"frp/token_file" = {
|
||
|
mode = "400";
|
||
|
owner = config.users.users.root.name;
|
||
|
group = config.users.users.root.group;
|
||
|
};
|
||
|
};
|
||
|
|
||
|
systemd.services.frp.serviceConfig.EnvironmentFile = config.sops.secrets."frp/token_file".path;
|
||
|
systemd.services.frp.serviceConfig.Restart = lib.mkForce "always";
|
||
|
|
||
|
services.frp = {
|
||
|
enable = true;
|
||
|
role = "client";
|
||
|
settings = {
|
||
|
serverAddr = "10.10.10.1";
|
||
|
serverPort = 7002;
|
||
|
transport.protocol = "quic";
|
||
|
auth.method = "token";
|
||
|
auth.token = "{{ .Envs.FRP_AUTH_TOKEN }}";
|
||
|
};
|
||
|
};
|
||
|
}
|
||
|
|