From 486eb712402053c2303211e98a71d9761eef64ea Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Sun, 27 Oct 2024 23:09:50 +0530 Subject: [PATCH] all: cleanup caddy --- hosts/layne/services/apps/jackett.nix | 5 +++-- hosts/layne/services/apps/jellyfin.nix | 12 ++++++------ hosts/layne/services/apps/radarr.nix | 5 +++-- hosts/layne/services/apps/readarr.nix | 5 +++-- hosts/layne/services/apps/sonarr.nix | 5 +++-- hosts/layne/services/apps/transmission.nix | 6 +++--- hosts/rico0/services/apps/adtya.xyz.nix | 2 +- hosts/rico0/services/apps/proofs.nix | 2 +- hosts/rico0/services/apps/wiki.nix | 2 +- hosts/rico0/services/default.nix | 17 +++++++++++------ hosts/rico1/services/apps/alertmanager.nix | 6 +++--- hosts/rico1/services/apps/blocky.nix | 6 +++--- hosts/rico1/services/apps/grafana.nix | 6 +++--- hosts/rico1/services/apps/loki/default.nix | 6 +++--- hosts/rico1/services/apps/prometheus.nix | 6 +++--- hosts/shared/caddy-helpers.nix | 6 +++--- hosts/shared/caddy.nix | 2 +- hosts/shared/prometheus-exporters.nix | 6 +++--- hosts/wynne/services/apps/acomputer.lol.nix | 2 +- hosts/wynne/services/apps/dendrite/default.nix | 2 +- hosts/wynne/services/apps/forgejo.nix | 2 +- hosts/wynne/services/apps/ntfy.nix | 7 ++++--- 22 files changed, 64 insertions(+), 54 deletions(-) diff --git a/hosts/layne/services/apps/jackett.nix b/hosts/layne/services/apps/jackett.nix index 7306fb5..581232c 100644 --- a/hosts/layne/services/apps/jackett.nix +++ b/hosts/layne/services/apps/jackett.nix @@ -1,12 +1,13 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { caddy.virtualHosts."jackett.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9117 ''; }; diff --git a/hosts/layne/services/apps/jellyfin.nix b/hosts/layne/services/apps/jellyfin.nix index 3c9c171..0cdebcb 100644 --- a/hosts/layne/services/apps/jellyfin.nix +++ b/hosts/layne/services/apps/jellyfin.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "watch.acomputer.lol"; in { @@ -8,21 +8,21 @@ in caddy = { virtualHosts = { "jellyfin.local.adtya.xyz" = { - logFormat = logFormat "jellyfin.local.adtya.xyz"; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8096 ''; }; "jellyfin.labs.adtya.xyz" = { - logFormat = logFormat "jellyfin.labs.adtya.xyz"; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8096 ''; }; "${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8096 ''; diff --git a/hosts/layne/services/apps/radarr.nix b/hosts/layne/services/apps/radarr.nix index 5150335..7a409cd 100644 --- a/hosts/layne/services/apps/radarr.nix +++ b/hosts/layne/services/apps/radarr.nix @@ -1,12 +1,13 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { caddy.virtualHosts."radarr.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:7878 ''; }; diff --git a/hosts/layne/services/apps/readarr.nix b/hosts/layne/services/apps/readarr.nix index deae058..44c3242 100644 --- a/hosts/layne/services/apps/readarr.nix +++ b/hosts/layne/services/apps/readarr.nix @@ -1,12 +1,13 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { caddy.virtualHosts."readarr.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8787 ''; }; diff --git a/hosts/layne/services/apps/sonarr.nix b/hosts/layne/services/apps/sonarr.nix index 4ec1ab8..47db600 100644 --- a/hosts/layne/services/apps/sonarr.nix +++ b/hosts/layne/services/apps/sonarr.nix @@ -1,12 +1,13 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { caddy.virtualHosts."sonarr.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8989 ''; }; diff --git a/hosts/layne/services/apps/transmission.nix b/hosts/layne/services/apps/transmission.nix index c5ac98e..c284ee9 100644 --- a/hosts/layne/services/apps/transmission.nix +++ b/hosts/layne/services/apps/transmission.nix @@ -1,14 +1,14 @@ { pkgs, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { caddy = { virtualHosts."transmission.labs.adtya.xyz" = { - logFormat = logFormat "transmission.labs.adtya.xyz"; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9091 ''; }; diff --git a/hosts/rico0/services/apps/adtya.xyz.nix b/hosts/rico0/services/apps/adtya.xyz.nix index 59a89b3..0b2883d 100644 --- a/hosts/rico0/services/apps/adtya.xyz.nix +++ b/hosts/rico0/services/apps/adtya.xyz.nix @@ -7,7 +7,7 @@ in services = { caddy.virtualHosts."${domainName}" = { serverAliases = [ "www.${domainName}" ]; - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' handle { root * ${inputs.adtyaxyz.packages.${pkgs.system}.default}/share/web diff --git a/hosts/rico0/services/apps/proofs.nix b/hosts/rico0/services/apps/proofs.nix index b75732f..34d2e1e 100644 --- a/hosts/rico0/services/apps/proofs.nix +++ b/hosts/rico0/services/apps/proofs.nix @@ -7,7 +7,7 @@ in services = { caddy.virtualHosts = { "${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849 ''; diff --git a/hosts/rico0/services/apps/wiki.nix b/hosts/rico0/services/apps/wiki.nix index 7c2c328..403755d 100644 --- a/hosts/rico0/services/apps/wiki.nix +++ b/hosts/rico0/services/apps/wiki.nix @@ -6,7 +6,7 @@ in { services = { caddy.virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' handle { root * ${inputs.wiki.packages.${pkgs.system}.default}/share/web diff --git a/hosts/rico0/services/default.nix b/hosts/rico0/services/default.nix index bc930c1..1710c90 100644 --- a/hosts/rico0/services/default.nix +++ b/hosts/rico0/services/default.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../shared/caddy-helpers.nix) tlsDNSChallenge; + inherit (import ../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { imports = [ @@ -14,32 +14,37 @@ in services.caddy = { virtualHosts = { "gateway.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 192.168.0.1:80 ''; }; "ap1.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.1:80 ''; }; "ap2.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.2:80 ''; }; "switch.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.3:80 ''; }; "frp.labs.adtya.xyz" = { + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 10.10.10.1:7500 ''; }; diff --git a/hosts/rico1/services/apps/alertmanager.nix b/hosts/rico1/services/apps/alertmanager.nix index 642da24..7c17962 100644 --- a/hosts/rico1/services/apps/alertmanager.nix +++ b/hosts/rico1/services/apps/alertmanager.nix @@ -1,15 +1,15 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "alertmanager.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - logFormat = logFormat "${domainName}"; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9093 ''; }; diff --git a/hosts/rico1/services/apps/blocky.nix b/hosts/rico1/services/apps/blocky.nix index 96f557a..e72af2f 100644 --- a/hosts/rico1/services/apps/blocky.nix +++ b/hosts/rico1/services/apps/blocky.nix @@ -1,6 +1,6 @@ { pkgs, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "blocky.labs.adtya.xyz"; in { @@ -18,9 +18,9 @@ in services = { caddy = { virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8080 ''; }; diff --git a/hosts/rico1/services/apps/grafana.nix b/hosts/rico1/services/apps/grafana.nix index 622f6db..5c5ea78 100644 --- a/hosts/rico1/services/apps/grafana.nix +++ b/hosts/rico1/services/apps/grafana.nix @@ -1,15 +1,15 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "grafana.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9091 ''; }; diff --git a/hosts/rico1/services/apps/loki/default.nix b/hosts/rico1/services/apps/loki/default.nix index ba82b48..5f9a8bb 100644 --- a/hosts/rico1/services/apps/loki/default.nix +++ b/hosts/rico1/services/apps/loki/default.nix @@ -1,15 +1,15 @@ _: let - inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "loki.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:3100 ''; }; diff --git a/hosts/rico1/services/apps/prometheus.nix b/hosts/rico1/services/apps/prometheus.nix index adaafa3..eedf9fc 100644 --- a/hosts/rico1/services/apps/prometheus.nix +++ b/hosts/rico1/services/apps/prometheus.nix @@ -1,15 +1,15 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "prometheus.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9090 ''; }; diff --git a/hosts/shared/caddy-helpers.nix b/hosts/shared/caddy-helpers.nix index 53dcb87..ed841ed 100644 --- a/hosts/shared/caddy-helpers.nix +++ b/hosts/shared/caddy-helpers.nix @@ -1,11 +1,11 @@ { - logFormat = fileName: '' + logFormat = '' output stderr format json - level DEBUG + level INFO ''; - tlsDNSChallenge = '' + tlsAcmeDnsChallenge = '' tls { dns digitalocean {env.DO_API_TOKEN} } diff --git a/hosts/shared/caddy.nix b/hosts/shared/caddy.nix index 4aed177..cdf1a68 100644 --- a/hosts/shared/caddy.nix +++ b/hosts/shared/caddy.nix @@ -23,7 +23,7 @@ in metrics } ''; - logFormat = logFormat "caddy_main"; + inherit logFormat; }; systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."caddy/env_file".path; networking.firewall.allowedTCPPorts = [ 80 443 ]; diff --git a/hosts/shared/prometheus-exporters.nix b/hosts/shared/prometheus-exporters.nix index 55275bf..42978c5 100644 --- a/hosts/shared/prometheus-exporters.nix +++ b/hosts/shared/prometheus-exporters.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - inherit (import ./caddy-helpers.nix) logFormat tlsDNSChallenge; + inherit (import ./caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; in { services = { @@ -10,9 +10,9 @@ in in { virtualHosts."${vHost}" = { - logFormat = logFormat vHost; + inherit logFormat; extraConfig = '' - ${tlsDNSChallenge} + ${tlsAcmeDnsChallenge} metrics /caddy-metrics handle /metrics { reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port} diff --git a/hosts/wynne/services/apps/acomputer.lol.nix b/hosts/wynne/services/apps/acomputer.lol.nix index c991377..3e79afa 100644 --- a/hosts/wynne/services/apps/acomputer.lol.nix +++ b/hosts/wynne/services/apps/acomputer.lol.nix @@ -6,7 +6,7 @@ in { services = { caddy.virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' handle /.well-known/matrix/server { header Content-Type application/json diff --git a/hosts/wynne/services/apps/dendrite/default.nix b/hosts/wynne/services/apps/dendrite/default.nix index 02a7802..acdcb5c 100644 --- a/hosts/wynne/services/apps/dendrite/default.nix +++ b/hosts/wynne/services/apps/dendrite/default.nix @@ -15,7 +15,7 @@ in }; services = { caddy.virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' reverse_proxy /client/* 127.0.0.1:8009 # reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009 diff --git a/hosts/wynne/services/apps/forgejo.nix b/hosts/wynne/services/apps/forgejo.nix index e916fd2..cb9e25d 100644 --- a/hosts/wynne/services/apps/forgejo.nix +++ b/hosts/wynne/services/apps/forgejo.nix @@ -7,7 +7,7 @@ in { services = { caddy.virtualHosts."${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' reverse_proxy ${cfg.settings.server.HTTP_ADDR}:${toString cfg.settings.server.HTTP_PORT} ''; diff --git a/hosts/wynne/services/apps/ntfy.nix b/hosts/wynne/services/apps/ntfy.nix index 5b2519f..dc6e937 100644 --- a/hosts/wynne/services/apps/ntfy.nix +++ b/hosts/wynne/services/apps/ntfy.nix @@ -1,20 +1,21 @@ { lib, config, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; + inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; domainName = "ntfy.acomputer.lol"; in { services = { caddy.virtualHosts = { "${domainName}" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' reverse_proxy ${config.services.ntfy-sh.settings.listen-http} ''; }; "${config.networking.hostName}.labs.adtya.xyz" = { - logFormat = logFormat domainName; + inherit logFormat; extraConfig = '' + ${tlsAcmeDnsChallenge} handle /ntfy-metrics { uri replace /ntfy-metrics /metrics reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}