ediblerope
a8d163b4a8
The upstream NixOS crowdsec module fails on first deploy ("no API client
section in configuration") because it doesn't auto-register LAPI
credentials. The rewrite in NixOS/nixpkgs#446307 (TornaxO7's branch) adds
a setup oneshot that runs `cscli machines add --auto` if the credentials
file is missing, and handles DynamicUser StateDirectory permissions
explicitly. The bouncer rewrite gets matching auto-registration.
Vendor both module files locally and disable the upstream copies. Drop
modules/crowdsec/ and the disabledModules+imports lines once the PR
merges into nixpkgs unstable.
Config moves to the new unified `settings` API (no more separate
`localConfig`); LAPI moved to 127.0.0.1:8081 to dodge the qBit collision.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| adguard.nix | ||
| arr-interconnect.nix | ||
| authelia.nix | ||
| bazarr.nix | ||
| cloudflare-ddns.md | ||
| cloudflare-ddns.nix | ||
| crowdsec.nix | ||
| fail2ban.nix | ||
| game-servers.nix | ||
| go2rtc.nix | ||
| homepage.nix | ||
| jellyfin.nix | ||
| nginx.nix | ||
| prowlarr.nix | ||
| qbittorrent-nox.nix | ||
| radarr.nix | ||
| router.nix | ||
| server-permissions.nix | ||
| sonarr.nix | ||