From a7e892635ce3106746b9c834d389b7887e72db51 Mon Sep 17 00:00:00 2001 From: macronova Date: Wed, 6 Dec 2023 21:46:16 -0800 Subject: [PATCH] Refactor setup --- common/constants.nix | 12 ++++++ common/secrets.yaml | 6 +-- darwin/quasar/default.nix | 54 --------------------------- flake.lock | 60 +++++++++++++++--------------- flake.nix | 62 ++++++++++++++----------------- linux/blitzar/gui.nix | 3 +- linux/nebula/caddy.nix | 29 --------------- linux/nebula/conduit.nix | 6 +-- linux/nebula/default.nix | 1 - linux/nebula/forgejo.nix | 10 ++--- linux/nebula/network.nix | 13 +------ linux/nebula/tailscale.nix | 1 - linux/singularity/caddy.nix | 35 ++++++++++------- linux/singularity/headscale.nix | 7 ++-- linux/singularity/mailserver.nix | 23 ++++++------ linux/singularity/vaultwarden.nix | 12 +++--- 16 files changed, 124 insertions(+), 210 deletions(-) delete mode 100644 darwin/quasar/default.nix delete mode 100644 linux/nebula/caddy.nix diff --git a/common/constants.nix b/common/constants.nix index 81e9a36..ba16d1b 100644 --- a/common/constants.nix +++ b/common/constants.nix @@ -14,6 +14,13 @@ The home directory for the default user. ''; }; + tsMask = mkOption { + type = types.str; + default = "100.64.0.0/10"; + description = '' + The localhost address. + ''; + }; localhost = mkOption { type = types.str; default = "127.0.0.1"; @@ -24,9 +31,14 @@ port = mkOption { type = types.attrsOf types.port; default = { + conduit = 29800; + forgejo = 47674; + headscale = 27327; http = 80; https = 443; jellyfin = 8096; + vault-rkt = 25487; + vault-ws = 40513; }; description = '' The mapping from service to ports. diff --git a/common/secrets.yaml b/common/secrets.yaml index 200655b..732fe01 100644 --- a/common/secrets.yaml +++ b/common/secrets.yaml @@ -1,5 +1,3 @@ -cloudflare: - nebula: ENC[AES256_GCM,data:uK5RBgh8WfwpbIbTQSd9XGomc9GyvU1pWId7xqULwxOUPraXKWACG7GSSER/RPoDp0GQbd/Usc/HzXQPvQ==,iv:R8/jU6jYHfmBQ5KnV0lkDCVyj4rZmd0ZInIa7vrh79U=,tag:kjbZjvMYZMJOv/K1mYHPow==,type:str] users: macronova: password: ENC[AES256_GCM,data:o3WtsW7x9wy+gtl8UiT/s5q7F7Ym4q/CGvTy5Hl6FfvaEhbC/GPHQKVbz0MmRF3WV7Oq3jNxdryxWgXcd+WSCHoThNRIh/B4ZpLePD9Yi7Bf6trEYGWMdQM1Qx9pET7FaEBVOJC8eg+Ca4b/cASo53iuim6wzw==,iv:dbypWZHIXhl1kSnyiqW6R/O4NZb7u0R9X+tYpCKEMw4=,tag:bgCiGaH7EVfu7Sox0vulug==,type:str] @@ -36,8 +34,8 @@ sops: TG5mYWd3MnI5TlZiNXBjb0JJY3BvN0EKUd0ldQPe0/zdHjsmKEUhH7xkpO4nLfd5 fnTk1jGonJg+t+TqLLg/YYKlcNkgExWaIZ7wrd0RVKXOeC2BtM/wzQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-11-28T05:25:16Z" - mac: ENC[AES256_GCM,data:B+ubIgddt+6DKFw70eHI9tVqUtSO6+BOwLyn7CfzpibCGCKgvWd4K05v7Wy4iZXfwMQ4eS5aNn58yPGrCXKU+LSCKKk4167woQ3CR0ALKj3vQfDMJn02SDrYyu+C8VNN0cOUkw9MwyyTZQgkypz/dTgYv/s1cmHHldvcgiqPchk=,iv:1iKgkaTxMZUvwpmUXRl/xk7p5rIG0gH2nCjmARkV4Dk=,tag:+Zers+yBe6T4Ss6sZRweMw==,type:str] + lastmodified: "2023-12-07T05:17:46Z" + mac: ENC[AES256_GCM,data:yToqS0DMtXj92+012wkWItDGegJT+3MAIhMfiDkqn2G8AGsNadv6YXpR21Un5ZSZNyw3RGuRTvu5o0OT4ocV6IdJxAtxmZpteC6n4BMbm/NMDWw9LwXlNUrftJ3an4BLLtmPrY8nCa5ZTnMeWs0NI2CwPQmVBLEgHsbIJaK5Ly0=,iv:3xhueBREYHMW6vJWoYrRVcQIXn8yBt5eW4VT5wFEzvo=,tag:9yV3ncwTsa8J8yBv98VxbA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/darwin/quasar/default.nix b/darwin/quasar/default.nix deleted file mode 100644 index 587c91d..0000000 --- a/darwin/quasar/default.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, pkgs, ... }: - -{ - # List packages installed in system profile. To search by name, run: - # $ nix-env -qaP | grep wget - - # Add trusted users - nix.settings.trusted-users = [ "root" "@admin" ]; - - # Configure nixpkgs - nixpkgs.config.allowUnfree = true; - - # Use common system packages - environment = { - systemPackages = with pkgs; [ - bat - bottom - direnv - dua - exa - fd - fzf - helix - nil - nixpkgs-fmt - rclone - ripgrep - tealdeer - zoxide - ]; - shells = [ pkgs.fish ]; - }; - - # Enable fish - programs.fish = { - enable = true; - interactiveShellInit = '' - alias ls=exa - zoxide init --cmd cd fish | source - ''; - }; - users.users.macronova = { - home = "/Users/macronova"; - shell = "${pkgs.fish}/bin/fish"; - }; - - # Auto upgrade nix package and the daemon service. - services.nix-daemon.enable = true; - # nix.package = pkgs.nix; - - # Used for backwards compatibility, please read the changelog before changing. - # $ darwin-rebuild changelog - system.stateVersion = 4; -} diff --git a/flake.lock b/flake.lock index 25b8607..9f42015 100644 --- a/flake.lock +++ b/flake.lock @@ -39,11 +39,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1700927249, - "narHash": "sha256-iqmIWiEng890/ru7ZBf4nUezFPyRm2fjRTvuwwxqk2o=", + "lastModified": 1701905325, + "narHash": "sha256-lda63LmEIlDMeCgWfjr3/wb487XPllBByfrGRieyEk4=", "owner": "nix-community", "repo": "disko", - "rev": "3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22", + "rev": "1144887c6f4d2dcbb2316a24364ef53e25b0fcfe", "type": "github" }, "original": { @@ -88,11 +88,11 @@ }, "hardware": { "locked": { - "lastModified": 1701250978, - "narHash": "sha256-ohu3cz4edjpGxs2qUTgbs0WrnewOX4crnUJNEB6Jox4=", + "lastModified": 1701656485, + "narHash": "sha256-xDFormrGCKKGqngHa2Bz1GTeKlFMMjLnHhTDRdMJ1hs=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "8772491ed75f150f02552c60694e1beff9f46013", + "rev": "fa194fc484fd7270ab324bb985593f71102e84d1", "type": "github" }, "original": { @@ -106,11 +106,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1701433070, - "narHash": "sha256-Gf9JStfENaUQ7YWFz3V7x/srIwr4nlnVteqaAxtwpgM=", + "lastModified": 1701728041, + "narHash": "sha256-x0pyrI1vC8evVDxCxyO6olOyr4wlFg9+VS3C3p4xFYQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "4a8545f5e737a6338814a4676dc8e18c7f43fc57", + "rev": "ac7216918cd65f3824ba7817dea8f22e61221eaf", "type": "github" }, "original": { @@ -147,11 +147,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1701344951, - "narHash": "sha256-F0jd1tbSFreIpxNGtqVCxzUHKdSxjKLl2XFZPiz83zY=", + "lastModified": 1701522423, + "narHash": "sha256-V5TQ/1loQnegDjfLh61DxBWEQZivYEBq2kQpT0fn2cQ=", "owner": "viperML", "repo": "nh", - "rev": "c192a4a937ed3ab974e14c09b90092b226188281", + "rev": "375c6cf57de3a839b7937358659bea526da27eae", "type": "github" }, "original": { @@ -227,11 +227,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1700905716, - "narHash": "sha256-w1vHn2MbGfdC+CrP3xLZ3scsI06N0iQLU7eTHIVEFGw=", + "lastModified": 1701568804, + "narHash": "sha256-iwr1fjOCvlirVL/xNvOTwY9kg3L/F3TC/7yh/QszaPI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dfb95385d21475da10b63da74ae96d89ab352431", + "rev": "dc01248a9c946953ad4d438b0a626f5c987a93e4", "type": "github" }, "original": { @@ -259,11 +259,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1700794826, - "narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=", + "lastModified": 1701253981, + "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8", + "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58", "type": "github" }, "original": { @@ -290,11 +290,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1701156937, - "narHash": "sha256-jpMJOFvOTejx211D8z/gz0ErRtQPy6RXxgD2ZB86mso=", + "lastModified": 1701263465, + "narHash": "sha256-lNXUIlkfyDyp9Ox21hr+wsEf/IBklLvb6bYcyeXbdRc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c4c20509c4363195841faa6c911777a134acdf3", + "rev": "50aa30a13c4ab5e7ba282da460a3e3d44e9d0eb3", "type": "github" }, "original": { @@ -322,11 +322,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1701253981, - "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=", + "lastModified": 1701718080, + "narHash": "sha256-6ovz0pG76dE0P170pmmZex1wWcQoeiomUZGggfH9XPs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58", + "rev": "2c7f3c0fb7c08a0814627611d9d7d45ab6d75335", "type": "github" }, "original": { @@ -338,11 +338,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1700856099, - "narHash": "sha256-RnEA7iJ36Ay9jI0WwP+/y4zjEhmeN6Cjs9VOFBH7eVQ=", + "lastModified": 1701336116, + "narHash": "sha256-kEmpezCR/FpITc6yMbAh4WrOCiT2zg5pSjnKrq51h5Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0bd59c54ef06bc34eca01e37d689f5e46b3fe2f1", + "rev": "f5c27c6136db4d76c30e533c20517df6864c46ee", "type": "github" }, "original": { @@ -371,11 +371,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1701127353, - "narHash": "sha256-qVNX0wOl0b7+I35aRu78xUphOyELh+mtUp1KBx89K1Q=", + "lastModified": 1701728052, + "narHash": "sha256-7lOMc3PtW5a55vFReBJLLLOnopsoi1W7MkjJ93jPV4E=", "owner": "Mic92", "repo": "sops-nix", - "rev": "b1edbf5c0464b4cced90a3ba6f999e671f0af631", + "rev": "e91ece6d2cf5a0ae729796b8f0dedceab5107c3d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2829c20..a08fe71 100644 --- a/flake.nix +++ b/flake.nix @@ -15,46 +15,38 @@ outputs = inputs@{ self, darwin, nixpkgs, nix-custom, ... }: let - darwinConfigDir = ./darwin; - linuxConfigDir = ./linux; + linuxCfgDir = ./linux; templateDir = ./template; - systemArgs = archPath: instance: { - modules = [ - # Import config from folder - (archPath + "/${instance}") - # Setup Nix - ({ pkgs, ... }: { - networking.hostName = instance; - nix = { - gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - settings = { - experimental-features = [ "nix-command" "flakes" ]; - auto-optimise-store = true; - }; - }; - nixpkgs = { - config.allowUnfree = true; - overlays = [ nix-custom.overlay ]; - }; - }) - ]; - specialArgs = { inherit inputs; inherit instance; }; - }; in { - darwinConfigurations = builtins.mapAttrs - (instance: _: - darwin.lib.darwinSystem (systemArgs darwinConfigDir instance // { - system = "aarch64-darwin"; - })) - (builtins.readDir darwinConfigDir); nixosConfigurations = builtins.mapAttrs (instance: _: - nixpkgs.lib.nixosSystem (systemArgs linuxConfigDir instance)) - (builtins.readDir linuxConfigDir); + nixpkgs.lib.nixosSystem ({ + modules = [ + # Import config from folder + (linuxCfgDir + "/${instance}") + # Setup Nix + ({ pkgs, ... }: { + networking.hostName = instance; + nix = { + gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + auto-optimise-store = true; + }; + }; + nixpkgs = { + config.allowUnfree = true; + overlays = [ nix-custom.overlay ]; + }; + }) + ]; + specialArgs = { inherit inputs; }; + })) + (builtins.readDir linuxCfgDir); templates = builtins.mapAttrs (template: _: { path = templateDir + "/${template}"; diff --git a/linux/blitzar/gui.nix b/linux/blitzar/gui.nix index d2e6631..686dff0 100644 --- a/linux/blitzar/gui.nix +++ b/linux/blitzar/gui.nix @@ -1,4 +1,5 @@ -{ config, pkgs, ... }: let usr = config.constants.userName; in { +{ config, pkgs, ... }: +let usr = config.constants.userName; in { home-manager.users.${usr} = { home.packages = with pkgs; [ exactaudiocopy diff --git a/linux/nebula/caddy.nix b/linux/nebula/caddy.nix deleted file mode 100644 index 5876955..0000000 --- a/linux/nebula/caddy.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.caddy = - { - enable = true; - virtualHosts = - let - conduitCfg = config.services.matrix-conduit.settings.global; - forgejoCfg = config.services.gitea.settings.server; - dn = config.constants.domain; - lh = config.constants.localhost; - in - { - "forgejo.${dn}".extraConfig = '' - reverse_proxy ${forgejoCfg.HTTP_ADDR}:${toString forgejoCfg.HTTP_PORT} - ''; - "jellyfin.${dn}".extraConfig = '' - reverse_proxy ${lh}:${toString config.constants.port.jellyfin} - ''; - "matrix.${dn}".extraConfig = '' - reverse_proxy /_matrix/* ${conduitCfg.address}:${toString conduitCfg.port} - file_server { - root ${pkgs.cinny} - } - ''; - }; - }; -} diff --git a/linux/nebula/conduit.nix b/linux/nebula/conduit.nix index fdc1c14..4b83409 100644 --- a/linux/nebula/conduit.nix +++ b/linux/nebula/conduit.nix @@ -3,9 +3,9 @@ { services.matrix-conduit = { enable = true; - settings.global = { - address = config.constants.localhost; - port = 29800; + settings.global = let const = config.constants; in { + address = const.tsMask; + port = const.port.conduit; server_name = config.constants.domain; }; }; diff --git a/linux/nebula/default.nix b/linux/nebula/default.nix index 3816161..888059c 100644 --- a/linux/nebula/default.nix +++ b/linux/nebula/default.nix @@ -6,7 +6,6 @@ hardware.nixosModules.common-cpu-amd hardware.nixosModules.common-cpu-amd-pstate ] ++ [ - ./caddy.nix ./conduit.nix ./configuration.nix ./disko.nix diff --git a/linux/nebula/forgejo.nix b/linux/nebula/forgejo.nix index 2b94909..a7ac4d2 100644 --- a/linux/nebula/forgejo.nix +++ b/linux/nebula/forgejo.nix @@ -6,11 +6,11 @@ appName = "Forgejo"; package = pkgs.forgejo; settings = { - server = let dn = config.constants.domain; in { - DOMAIN = dn; - HTTP_ADDR = config.constants.localhost; - HTTP_PORT = 47674; - ROOT_URL = "https://forgejo.${dn}"; + server = let const = config.constants; in { + DOMAIN = const.domain; + HTTP_ADDR = const.tsMask; + HTTP_PORT = const.port.forgejo; + ROOT_URL = "https://forgejo.${const.domain}"; }; service.DISABLE_REGISTRATION = true; session.COOKIE_SECURE = true; diff --git a/linux/nebula/network.nix b/linux/nebula/network.nix index 053dc88..df3fd0e 100644 --- a/linux/nebula/network.nix +++ b/linux/nebula/network.nix @@ -1,9 +1,9 @@ { config, ... }: -let const = config.constants; hn = config.networking.hostName; in { +let hn = config.networking.hostName; in { networking = { domain = config.constants.domain; - firewall.allowedTCPPorts = with const.port; [ http https ]; + firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ]; hostId = "e6449321"; networkmanager = { enable = true; @@ -15,13 +15,6 @@ let const = config.constants; hn = config.networking.hostName; in { }; services = { - cloudflare-dyndns = { - enable = true; - apiTokenFile = config.sops.secrets."cloudflare/${hn}".path; - domains = builtins.attrNames config.services.caddy.virtualHosts; - ipv4 = false; - ipv6 = true; - }; openssh = { enable = true; hostKeys = [{ @@ -37,6 +30,4 @@ let const = config.constants; hn = config.networking.hostName; in { }; resolved.enable = true; }; - - sops.secrets."cloudflare/${hn}" = { }; } diff --git a/linux/nebula/tailscale.nix b/linux/nebula/tailscale.nix index 61930df..caaa2e8 100644 --- a/linux/nebula/tailscale.nix +++ b/linux/nebula/tailscale.nix @@ -1,7 +1,6 @@ { ... }: { services.tailscale = { enable = true; - extraUpFlags = [ "--advertise-exit-node" ]; port = 25555; useRoutingFeatures = "both"; }; diff --git a/linux/singularity/caddy.nix b/linux/singularity/caddy.nix index c005892..c05a2c5 100644 --- a/linux/singularity/caddy.nix +++ b/linux/singularity/caddy.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: { services.caddy = { @@ -7,24 +7,31 @@ virtualHosts = let dn = config.constants.domain; - hsCfg = config.services.headscale; + home = "100.64.0.3"; + local = config.constants.localhost; msfqdn = config.mailserver.fqdn; mtfqdn = "matrix.${dn}"; - vaultCfg = config.services.vaultwarden.config; + portStr = builtins.mapAttrs (n: v: toString v) config.constants.port; wn = s: "/.well-known/${s}"; in { "${dn}".extraConfig = let wnm = wn "matrix"; in '' header ${wnm}/* Content-Type application/json header ${wnm}/* Access-Control-Allow-Origin * - respond ${wnm}/server `{ "m.server": "${mtfqdn}:${toString config.constants.port.https}" }` + respond ${wnm}/server `{ "m.server": "${mtfqdn}:${portStr.https}" }` respond ${wnm}/client `{ "m.homeserver": { "base_url": "https://${mtfqdn}" }, "m.identity_server": { "base_url": "https://${mtfqdn}" } }` ''; + "forgejo.${dn}".extraConfig = '' + reverse_proxy ${home}:${portStr.forgejo} + ''; "headscale.${dn}".extraConfig = '' - reverse_proxy ${hsCfg.address}:${toString hsCfg.port} + reverse_proxy ${local}:${portStr.headscale} + ''; + "jellyfin.${dn}".extraConfig = '' + reverse_proxy ${home}:${portStr.jellyfin} ''; ${msfqdn} = { extraConfig = '' @@ -34,17 +41,17 @@ ''; useACMEHost = msfqdn; }; + "matrix.${dn}".extraConfig = '' + reverse_proxy /_matrix/* ${home}:${portStr.conduit} + file_server { + root ${pkgs.cinny} + } + ''; "vault.${dn}".extraConfig = '' - reverse_proxy /notifications/hub/negotiate ${vaultCfg.ROCKET_ADDRESS}:${ - toString vaultCfg.ROCKET_PORT - } - reverse_proxy /notifications/hub ${vaultCfg.WEBSOCKET_ADDRESS}:${ - toString vaultCfg.WEBSOCKET_PORT - } - reverse_proxy ${vaultCfg.ROCKET_ADDRESS}:${ - toString vaultCfg.ROCKET_PORT - } { + reverse_proxy /notifications/hub/negotiate ${local}:${portStr.vault-rkt} + reverse_proxy /notifications/hub ${local}:${portStr.vault-ws} + reverse_proxy ${local}:${portStr.vault-rkt} { header_up X-Real-IP {remote_host} } ''; diff --git a/linux/singularity/headscale.nix b/linux/singularity/headscale.nix index 9bb84da..e45c8a5 100644 --- a/linux/singularity/headscale.nix +++ b/linux/singularity/headscale.nix @@ -1,16 +1,15 @@ { config, ... }: { - services = let const = config.constants; in { - headscale = { + services = { + headscale = let const = config.constants; in { enable = true; address = const.localhost; - port = 27327; + port = const.port.headscale; settings.server_url = "https://headscale.${const.domain}"; }; tailscale = { enable = true; - extraUpFlags = [ "--advertise-exit-node" ]; port = 27919; useRoutingFeatures = "both"; }; diff --git a/linux/singularity/mailserver.nix b/linux/singularity/mailserver.nix index 5ced106..8dcafd8 100644 --- a/linux/singularity/mailserver.nix +++ b/linux/singularity/mailserver.nix @@ -6,20 +6,19 @@ let mailSecret = "mail/${usr}/password"; in { - mailserver = - { - enable = true; - fqdn = "mail.${dn}"; - domains = [ dn ]; + mailserver = { + enable = true; + fqdn = "mail.${dn}"; + domains = [ dn ]; - loginAccounts = { - "${usr}@${dn}" = { - aliases = [ config.constants.postMaster ]; - hashedPasswordFile = config.sops.secrets.${mailSecret}.path; - }; + loginAccounts = { + "${usr}@${dn}" = { + aliases = [ config.constants.postMaster ]; + hashedPasswordFile = config.sops.secrets.${mailSecret}.path; }; - - certificateScheme = "acme"; }; + + certificateScheme = "acme"; + }; sops.secrets.${mailSecret} = { }; } diff --git a/linux/singularity/vaultwarden.nix b/linux/singularity/vaultwarden.nix index d5d96c3..c7d8b7a 100644 --- a/linux/singularity/vaultwarden.nix +++ b/linux/singularity/vaultwarden.nix @@ -1,18 +1,18 @@ { config, ... }: { - services.vaultwarden = let lh = config.constants.localhost; in { + services.vaultwarden = { enable = true; - config = { + config = let const = config.constants; in { # Disable signup SIGNUPS_ALLOWED = false; # Specify service port - ROCKET_ADDRESS = lh; - ROCKET_PORT = 25487; + ROCKET_ADDRESS = const.localhost; + ROCKET_PORT = const.port.vault-rkt; # Specify notification port WEBSOCKET_ENABLED = true; - WEBSOCKET_ADDRESS = lh; - WEBSOCKET_PORT = 40513; + WEBSOCKET_ADDRESS = const.localhost; + WEBSOCKET_PORT = const.port.vault-ws; }; }; }