rico0: move world accessible vhosts here

Adithya 2024-10-28 23:52:16 +05:30
parent f0cf26941d
commit 06d36bb45a
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
16 changed files with 112 additions and 224 deletions


@ -1,7 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "watch.acomputer.lol";
in in
{ {
services = { services = {
@ -21,30 +20,8 @@ in
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';
}; };
"${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 127.0.0.1:8096
'';
};
}; };
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ domainName ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ domainName ];
localPort = 443;
transport.useCompression = true;
}
];
jellyfin = { jellyfin = {
enable = true; enable = true;
user = "mediaserver"; user = "mediaserver";


@ -17,26 +17,9 @@ in
handle /.well-known/matrix/client { handle /.well-known/matrix/client {
header Content-Type application/json header Content-Type application/json
header Access-Control-Allow-Origin * header Access-Control-Allow-Origin *
#respond `{"m.homeserver": {"base_url": "https://matrix.${domainName}:443"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.${domainName}"}}`
respond `{"m.homeserver": {"base_url": "https://matrix.${domainName}:443"}}` respond `{"m.homeserver": {"base_url": "https://matrix.${domainName}:443"}}`
} }
''; '';
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
}; };
} }


@ -17,21 +17,5 @@ in
} }
''; '';
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" "www.${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" "www.${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
}; };
} }


@ -1,8 +1,14 @@
_: { _: {
imports = [ imports = [
./acomputer.lol.nix
./adtya.xyz.nix ./adtya.xyz.nix
./dendrite.nix
./forgejo.nix
./jellyfin.nix
./ntfy.nix
./proofs.nix ./proofs.nix
./wiki.nix ./wiki.nix
./dendrite.nix
../../../shared/prometheus-exporters.nix ../../../shared/prometheus-exporters.nix
../../../shared/promtail.nix ../../../shared/promtail.nix
]; ];


@ -0,0 +1,15 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "matrix.acomputer.lol";
in
{
services = {
caddy.virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 10.10.10.13:8008
'';
};
};
}
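Review bot: The new vhost's `reverse_proxy 10.10.10.13:8008` forwards every path to Dendrite, whereas the vhost this commit removes from the dendrite module only forwarded `/_matrix/*`, `/_dendrite/*` and `/_synapse/*` to port 8008. If that scoping was deliberate, keep it here, e.g. `reverse_proxy /_matrix/* 10.10.10.13:8008`, and decide explicitly whether `/_dendrite/*` and `/_synapse/*` (which, as far as I know, carry Dendrite's admin API) need to be reachable from the internet at all. The upstream address is also hard-coded here and in the forgejo, jellyfin and ntfy vhost files rather than derived from the service config as before, so a comment such as `# upstream: backend host's address on the 10.10.10.x network; must match the service's bind address` would help keep the two sides in sync.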


@ -0,0 +1,15 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "forge.acomputer.lol";
in
{
services = {
caddy.virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 10.10.10.13:3000
'';
};
};
}


@ -0,0 +1,17 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "watch.acomputer.lol";
in
{
services = {
caddy.virtualHosts = {
"${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 10.10.10.14:8096
'';
};
};
};
}


@ -0,0 +1,18 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "ntfy.acomputer.lol";
in
{
services = {
caddy.virtualHosts = {
"${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 10.10.10.13:8080
'';
};
};
};
}


@ -13,22 +13,5 @@ in
''; '';
}; };
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
}; };
} }


@ -16,21 +16,5 @@ in
} }
''; '';
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
}; };
} }


@ -1,53 +1,10 @@
_: _:
let
inherit (import ../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in
{ {
imports = [ imports = [
./apps ./apps
./btrfs.nix ./btrfs.nix
./ssh.nix ./ssh.nix
../../shared/caddy.nix ../../shared/caddy.nix
../../shared/frp.nix
]; ];
services.caddy = {
virtualHosts = {
"gateway.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.0.1:80
'';
};
"ap1.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.1:80
'';
};
"ap2.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.2:80
'';
};
"switch.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.3:80
'';
};
"frp.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 10.10.10.1:7500
'';
};
};
};
} }


@ -1,4 +1,8 @@
_: { _:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in
{
imports = [ imports = [
./alertmanager.nix ./alertmanager.nix
./blocky.nix ./blocky.nix
@ -8,4 +12,36 @@ _: {
../../../shared/prometheus-exporters.nix ../../../shared/prometheus-exporters.nix
../../../shared/promtail.nix ../../../shared/promtail.nix
]; ];
services.caddy = {
virtualHosts = {
"gateway.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.0.1:80
'';
};
"ap1.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.1:80
'';
};
"ap2.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.2:80
'';
};
"switch.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.3:80
'';
};
};
};
} }


@ -1,7 +1,6 @@
_: { _: {
imports = [ imports = [
./dendrite ./dendrite
./acomputer.lol.nix
./forgejo.nix ./forgejo.nix
./ntfy.nix ./ntfy.nix
./postgresql.nix ./postgresql.nix


@ -1,8 +1,4 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
domainName = "matrix.acomputer.lol";
in
{ {
sops = { sops = {
secrets = { secrets = {
@ -13,43 +9,6 @@ in
}; };
}; };
}; };
services = {
caddy.virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy /client/* 127.0.0.1:8009
# reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009
reverse_proxy /_matrix/* 127.0.0.1:8008
reverse_proxy /_dendrite/* 127.0.0.1:8008
reverse_proxy /_synapse/* 127.0.0.1:8008
'';
};
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
#matrix-sliding-sync = {
#enable = true;
#settings = {
# SYNCV3_SERVER = "https://${domainName}";
# SYNCV3_BINDADDR = "127.0.0.1:8009";
# SYNCV3_DB = "postgresql://dendrite@localhost/dendrite?sslmode=disable";
#};
#environmentFile = config.sops.secrets."matrix/syncv3_secret".path;
#};
};
systemd.services.dendrite = systemd.services.dendrite =
let let
dendrite_package = pkgs.dendrite; dendrite_package = pkgs.dendrite;
@ -69,7 +28,7 @@ in
RuntimeDirectoryMode = "0700"; RuntimeDirectoryMode = "0700";
LimitNOFILE = 65535; LimitNOFILE = 65535;
ExecStart = '' ExecStart = ''
${dendrite_package}/bin/dendrite -http-bind-address 127.0.0.1:8008 -config ${./config.yaml} ${dendrite_package}/bin/dendrite -http-bind-address 10.10.10.13:8008 -config ${./config.yaml}
''; '';
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "on-failure"; Restart = "on-failure";
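Review bot: Binding Dendrite with `-http-bind-address 10.10.10.13:8008` makes the plain-HTTP listener reachable by every host that can route to that address, not only the Caddy instance on rico0; the same applies to `HTTP_ADDR = "10.10.10.13"` in the forgejo section and `listen-http = "10.10.10.13:8080"` in the ntfy section. Nothing visible in this commit restricts ports 8008, 3000 and 8080 to the proxy's source address, so another peer on the 10.10.10.x network could reach the backends directly and bypass Caddy's TLS termination and access logging. I would add a firewall rule per port that admits only the proxy's address, or at least a comment such as `# reachable only from rico0; enforced in <firewall module>` naming where that restriction lives. If 10.10.10.x is not an encrypted overlay, the proxy-to-backend leg also carries session tokens in cleartext. The systemd unit starts and ends outside this hunk.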


@ -1,33 +1,10 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "forge.acomputer.lol";
cfg = config.services.forgejo; cfg = config.services.forgejo;
domainName = "forge.acomputer.lol";
in in
{ {
services = { services = {
caddy.virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy ${cfg.settings.server.HTTP_ADDR}:${toString cfg.settings.server.HTTP_PORT}
'';
};
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
forgejo = { forgejo = {
enable = true; enable = true;
stateDir = "/mnt/data/Forgejo"; stateDir = "/mnt/data/Forgejo";
@ -42,7 +19,7 @@ in
ROOT_URL = "https://${domainName}"; ROOT_URL = "https://${domainName}";
PROTOCOL = "http"; PROTOCOL = "http";
SSH_PORT = 42069; SSH_PORT = 42069;
HTTP_ADDR = "127.0.0.1"; HTTP_ADDR = "10.10.10.13";
HTTP_PORT = 3000; HTTP_PORT = 3000;
DOMAIN = domainName; DOMAIN = domainName;
}; };
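Review bot: With `HTTP_ADDR = "10.10.10.13"` the reverse proxy no longer connects from loopback, so Forgejo's handling of forwarded client addresses changes. As far as I know `REVERSE_PROXY_TRUSTED_PROXIES` in the `[security]` section defaults to loopback ranges only, so audit logs and any IP-based limits would now attribute every request to the proxy's address. Consider adding `security.REVERSE_PROXY_TRUSTED_PROXIES = "<rico0 address on 10.10.10.x>";` to the settings and confirming the value against the Forgejo version in use. The `settings.server` block starts outside this hunk.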


@ -6,12 +6,6 @@ in
{ {
services = { services = {
caddy.virtualHosts = { caddy.virtualHosts = {
"${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
'';
};
"${config.networking.hostName}.labs.adtya.xyz" = { "${config.networking.hostName}.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
@ -24,27 +18,11 @@ in
}; };
}; };
frp.settings.proxies = [
{
name = "http.${domainName}";
type = "http";
customDomains = [ "${domainName}" ];
localPort = 80;
transport.useCompression = true;
}
{
name = "https.${domainName}";
type = "https";
customDomains = [ "${domainName}" ];
localPort = 443;
transport.useCompression = true;
}
];
ntfy-sh = { ntfy-sh = {
enable = true; enable = true;
settings = { settings = {
base-url = "https://${domainName}"; base-url = "https://${domainName}";
listen-http = "127.0.0.1:8080"; listen-http = "10.10.10.13:8080";
metrics-listen-http = "127.0.0.1:8081"; metrics-listen-http = "127.0.0.1:8081";
auth-file = "/mnt/data/ntfy-sh/user.db"; auth-file = "/mnt/data/ntfy-sh/user.db";
attachment-cache-dir = "/mnt/data/ntfy-sh/attachments"; attachment-cache-dir = "/mnt/data/ntfy-sh/attachments";