random936/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added firewall rule for node exporters

Browse Source
This commit is contained in:
Random936 2025-02-10 20:08:14 -08:00
parent 5ff34bbfc6
commit 73bfe6d1f7
3 changed files with 104 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/assets/suricata.yaml
View File

@ -1,6 +1,5 @@
%YAML 1.1 %YAML 1.1
--- ---
vars: vars:
address-groups: address-groups:
HOME_NET: "[192.168.100.0/24]" HOME_NET: "[192.168.100.0/24]"

2
config/headless.nix
View File

@ -14,6 +14,8 @@
enable = true; enable = true;
port = 9002; port = 9002;
enabledCollectors = [ "systemd" "processes" ]; enabledCollectors = [ "systemd" "processes" ];
openFirewall = true;
firewallFilter = "-s 192.168.100.41 -p tcp -m tcp --dport 9002";
}; };
system.stateVersion = "24.05"; system.stateVersion = "24.05";

2
config/networking.nix
View File

@ -17,7 +17,7 @@ in {
}; };
networking.nameservers = [ gateway_ip ]; networking.nameservers = [ gateway_ip ];
networking.firewall.allowedTCPPorts = open_ports ++ [9002]; networking.firewall.allowedTCPPorts = open_ports;
networking.interfaces.enp6s18.ipv4.addresses = [ networking.interfaces.enp6s18.ipv4.addresses = [
{ {
address = ip_address; address = ip_address;