adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

all: cleanup caddy

Browse source
This commit is contained in:
Adithya 2024-10-27 23:09:50 +05:30
parent 50032d4383
commit 486eb71240
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
22 changed files with 64 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
hosts/layne/services/apps/jackett.nix
View file

@ -1,12 +1,13 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
caddy.virtualHosts."jackett.labs.adtya.xyz" = { caddy.virtualHosts."jackett.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9117 reverse_proxy 127.0.0.1:9117
''; '';
}; };

12
hosts/layne/services/apps/jellyfin.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "watch.acomputer.lol"; domainName = "watch.acomputer.lol";
in in
{ {
@ -8,21 +8,21 @@ in
caddy = { caddy = {
virtualHosts = { virtualHosts = {
"jellyfin.local.adtya.xyz" = { "jellyfin.local.adtya.xyz" = {
logFormat = logFormat "jellyfin.local.adtya.xyz"; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';
}; };
"jellyfin.labs.adtya.xyz" = { "jellyfin.labs.adtya.xyz" = {
logFormat = logFormat "jellyfin.labs.adtya.xyz"; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';
}; };
"${domainName}" = { "${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';

5
hosts/layne/services/apps/radarr.nix
View file

@ -1,12 +1,13 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
caddy.virtualHosts."radarr.labs.adtya.xyz" = { caddy.virtualHosts."radarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:7878 reverse_proxy 127.0.0.1:7878
''; '';
}; };

5
hosts/layne/services/apps/readarr.nix
View file

@ -1,12 +1,13 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
caddy.virtualHosts."readarr.labs.adtya.xyz" = { caddy.virtualHosts."readarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8787 reverse_proxy 127.0.0.1:8787
''; '';
}; };

5
hosts/layne/services/apps/sonarr.nix
View file

@ -1,12 +1,13 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
caddy.virtualHosts."sonarr.labs.adtya.xyz" = { caddy.virtualHosts."sonarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8989 reverse_proxy 127.0.0.1:8989
''; '';
}; };

6
hosts/layne/services/apps/transmission.nix
View file

@ -1,14 +1,14 @@
{ pkgs, ... }: { pkgs, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
caddy = { caddy = {
virtualHosts."transmission.labs.adtya.xyz" = { virtualHosts."transmission.labs.adtya.xyz" = {
logFormat = logFormat "transmission.labs.adtya.xyz"; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091 reverse_proxy 127.0.0.1:9091
''; '';
}; };

2
hosts/rico0/services/apps/adtya.xyz.nix
View file

@ -7,7 +7,7 @@ in
services = { services = {
caddy.virtualHosts."${domainName}" = { caddy.virtualHosts."${domainName}" = {
serverAliases = [ "www.${domainName}" ]; serverAliases = [ "www.${domainName}" ];
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
handle { handle {
root * ${inputs.adtyaxyz.packages.${pkgs.system}.default}/share/web root * ${inputs.adtyaxyz.packages.${pkgs.system}.default}/share/web

2
hosts/rico0/services/apps/proofs.nix
View file

@ -7,7 +7,7 @@ in
services = { services = {
caddy.virtualHosts = { caddy.virtualHosts = {
"${domainName}" = { "${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849 redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849
''; '';

2
hosts/rico0/services/apps/wiki.nix
View file

@ -6,7 +6,7 @@ in
{ {
services = { services = {
caddy.virtualHosts."${domainName}" = { caddy.virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
handle { handle {
root * ${inputs.wiki.packages.${pkgs.system}.default}/share/web root * ${inputs.wiki.packages.${pkgs.system}.default}/share/web

17
hosts/rico0/services/default.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../shared/caddy-helpers.nix) tlsDNSChallenge; inherit (import ../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
imports = [ imports = [
@ -14,32 +14,37 @@ in
services.caddy = { services.caddy = {
virtualHosts = { virtualHosts = {
"gateway.labs.adtya.xyz" = { "gateway.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 192.168.0.1:80 reverse_proxy 192.168.0.1:80
''; '';
}; };
"ap1.labs.adtya.xyz" = { "ap1.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.1:80 reverse_proxy 192.168.1.1:80
''; '';
}; };
"ap2.labs.adtya.xyz" = { "ap2.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.2:80 reverse_proxy 192.168.1.2:80
''; '';
}; };
"switch.labs.adtya.xyz" = { "switch.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.3:80 reverse_proxy 192.168.1.3:80
''; '';
}; };
"frp.labs.adtya.xyz" = { "frp.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 10.10.10.1:7500 reverse_proxy 10.10.10.1:7500
''; '';
}; };

6
hosts/rico1/services/apps/alertmanager.nix
View file

@ -1,15 +1,15 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "alertmanager.labs.adtya.xyz"; domainName = "alertmanager.labs.adtya.xyz";
in in
{ {
services = { services = {
caddy = { caddy = {
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
logFormat = logFormat "${domainName}"; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9093 reverse_proxy 127.0.0.1:9093
''; '';
}; };

6
hosts/rico1/services/apps/blocky.nix
View file

@ -1,6 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "blocky.labs.adtya.xyz"; domainName = "blocky.labs.adtya.xyz";
in in
{ {
@ -18,9 +18,9 @@ in
services = { services = {
caddy = { caddy = {
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8080 reverse_proxy 127.0.0.1:8080
''; '';
}; };

6
hosts/rico1/services/apps/grafana.nix
View file

@ -1,15 +1,15 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "grafana.labs.adtya.xyz"; domainName = "grafana.labs.adtya.xyz";
in in
{ {
services = { services = {
caddy = { caddy = {
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091 reverse_proxy 127.0.0.1:9091
''; '';
}; };

6
hosts/rico1/services/apps/loki/default.nix
View file

@ -1,15 +1,15 @@
_: _:
let let
inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "loki.labs.adtya.xyz"; domainName = "loki.labs.adtya.xyz";
in in
{ {
services = { services = {
caddy = { caddy = {
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:3100 reverse_proxy 127.0.0.1:3100
''; '';
}; };

6
hosts/rico1/services/apps/prometheus.nix
View file

@ -1,15 +1,15 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "prometheus.labs.adtya.xyz"; domainName = "prometheus.labs.adtya.xyz";
in in
{ {
services = { services = {
caddy = { caddy = {
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9090 reverse_proxy 127.0.0.1:9090
''; '';
}; };

6
hosts/shared/caddy-helpers.nix
View file

@ -1,11 +1,11 @@
{ {
logFormat = fileName: '' logFormat = ''
output stderr output stderr
format json format json
level DEBUG level INFO
''; '';
tlsDNSChallenge = '' tlsAcmeDnsChallenge = ''
tls { tls {
dns digitalocean {env.DO_API_TOKEN} dns digitalocean {env.DO_API_TOKEN}
} }

2
hosts/shared/caddy.nix
View file

@ -23,7 +23,7 @@ in
metrics metrics
} }
''; '';
logFormat = logFormat "caddy_main"; inherit logFormat;
}; };
systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."caddy/env_file".path; systemd.services.caddy.serviceConfig.EnvironmentFile = config.sops.secrets."caddy/env_file".path;
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];

6
hosts/shared/prometheus-exporters.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }: { lib, config, ... }:
let let
inherit (import ./caddy-helpers.nix) logFormat tlsDNSChallenge; inherit (import ./caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in in
{ {
services = { services = {
@ -10,9 +10,9 @@ in
in in
{ {
virtualHosts."${vHost}" = { virtualHosts."${vHost}" = {
logFormat = logFormat vHost; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsDNSChallenge} ${tlsAcmeDnsChallenge}
metrics /caddy-metrics metrics /caddy-metrics
handle /metrics { handle /metrics {
reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port} reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port}

2
hosts/wynne/services/apps/acomputer.lol.nix
View file

@ -6,7 +6,7 @@ in
{ {
services = { services = {
caddy.virtualHosts."${domainName}" = { caddy.virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
handle /.well-known/matrix/server { handle /.well-known/matrix/server {
header Content-Type application/json header Content-Type application/json

2
hosts/wynne/services/apps/dendrite/default.nix
View file

@ -15,7 +15,7 @@ in
}; };
services = { services = {
caddy.virtualHosts."${domainName}" = { caddy.virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
reverse_proxy /client/* 127.0.0.1:8009 reverse_proxy /client/* 127.0.0.1:8009
# reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009 # reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009

2
hosts/wynne/services/apps/forgejo.nix
View file

@ -7,7 +7,7 @@ in
{ {
services = { services = {
caddy.virtualHosts."${domainName}" = { caddy.virtualHosts."${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
reverse_proxy ${cfg.settings.server.HTTP_ADDR}:${toString cfg.settings.server.HTTP_PORT} reverse_proxy ${cfg.settings.server.HTTP_ADDR}:${toString cfg.settings.server.HTTP_PORT}
''; '';

7
hosts/wynne/services/apps/ntfy.nix
View file

@ -1,20 +1,21 @@
{ lib, config, ... }: { lib, config, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat; inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
domainName = "ntfy.acomputer.lol"; domainName = "ntfy.acomputer.lol";
in in
{ {
services = { services = {
caddy.virtualHosts = { caddy.virtualHosts = {
"${domainName}" = { "${domainName}" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
reverse_proxy ${config.services.ntfy-sh.settings.listen-http} reverse_proxy ${config.services.ntfy-sh.settings.listen-http}
''; '';
}; };
"${config.networking.hostName}.labs.adtya.xyz" = { "${config.networking.hostName}.labs.adtya.xyz" = {
logFormat = logFormat domainName; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
handle /ntfy-metrics { handle /ntfy-metrics {
uri replace /ntfy-metrics /metrics uri replace /ntfy-metrics /metrics
reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http} reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}