all: refactor app configs

2024-09-14 19:55:57 +05:30 · 2024-09-14 19:55:57 +05:30 · 679761e70c
commit 679761e70c
parent 29555fda8b
10 changed files with 107 additions and 47 deletions
--- a/hosts/rico0/services/apps/alertmanager.nix
+++ b/hosts/rico0/services/apps/alertmanager.nix
@ -1,7 +1,13 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "alertmanager.labs.adtya.xyz";
+in
+{
  services = {
    caddy = {
-      virtualHosts."alertmanager.labs.adtya.xyz" = {
+      virtualHosts."${domainName}" = {
+        logFormat = logFormat "${domainName}";
        extraConfig = ''
          reverse_proxy 127.0.0.1:9093
        '';
@ -11,7 +17,7 @@ _: {
      enable = true;
      listenAddress = "127.0.0.1";
      port = 9093;
-      webExternalUrl = "https://alertmanager.labs.adtya.xyz/";
+      webExternalUrl = "https://${domainName}/";
      configuration = {
        route = {
          group_by = [ "alertname" ];
--- a/hosts/rico0/services/apps/blocky.nix
+++ b/hosts/rico0/services/apps/blocky.nix
@ -1,4 +1,9 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "block.labs.adtya.xyz";
+in
+{
  networking = {
    firewall = {
      allowedTCPPorts = [
@ -12,7 +17,8 @@ _: {
  systemd.services.blocky.unitConfig.After = [ "network-online.target" "wireguard-wg0.service" ];
  services = {
    caddy = {
-      virtualHosts."blocky.labs.adtya.xyz" = {
+      virtualHosts."${domainName}" = {
+        logFormat = logFormat domainName;
        extraConfig = ''
          reverse_proxy 127.0.0.1:8080
        '';
--- a/hosts/rico0/services/apps/grafana.nix
+++ b/hosts/rico0/services/apps/grafana.nix
@ -1,7 +1,13 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "grafana.labs.adtya.xyz";
+in
+{
  services = {
    caddy = {
-      virtualHosts."grafana.labs.adtya.xyz" = {
+      virtualHosts."${domainName}" = {
+        logFormat = logFormat domainName;
        extraConfig = ''
          reverse_proxy 127.0.0.1:9091
        '';
@ -11,7 +17,7 @@ _: {
      enable = true;
      settings = {
        server = {
-          domain = "grafana.labs.adtya.xyz";
+          domain = domainName;
          http_addr = "127.0.0.1";
          http_port = 9091;
        };
--- a/hosts/rico0/services/apps/loki.nix
+++ b/hosts/rico0/services/apps/loki.nix
@ -1,7 +1,13 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "loki.labs.adtyz.xyz";
+in
+{
  services = {
    caddy = {
-      virtualHosts."loki.labs.adtya.xyz" = {
+      virtualHosts."${domainName}" = {
+        logFormat = logFormat domainName;
        extraConfig = ''
          reverse_proxy 127.0.0.1:3100
        '';
--- a/hosts/rico0/services/apps/prometheus.nix
+++ b/hosts/rico0/services/apps/prometheus.nix
@ -1,7 +1,13 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "prometheus.labs.adtya.xyz";
+in
+{
  services = {
    caddy = {
-      virtualHosts."prometheus.labs.adtya.xyz" = {
+      virtualHosts."${domainName}" = {
+        logFormat = logFormat domainName;
        extraConfig = ''
          reverse_proxy 127.0.0.1:9090
        '';
--- a/hosts/rico1/services/apps/adtya.xyz.nix
+++ b/hosts/rico1/services/apps/adtya.xyz.nix
@ -1,7 +1,13 @@
-{ inputs, pkgs, ... }: {
+{ inputs, pkgs, ... }:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "adtya.xyz";
+in
+{
  services = {
-    caddy.virtualHosts."adtya.xyz" = {
-      serverAliases = [ "www.adtya.xyz" ];
+    caddy.virtualHosts."${domainName}" = {
+      serverAliases = [ "www.${domainName}" ];
+      logFormat = logFormat domainName;
      extraConfig = ''
        handle {
          root * ${inputs.adtyaxyz.packages.${pkgs.system}.default}/share/web
@ -13,16 +19,16 @@
    };
    frp.settings.proxies = [
      {
-        name = "http.adtya.xyz";
+        name = "http.${domainName}";
        type = "http";
-        customDomains = [ "adtya.xyz" "www.adtya.xyz" ];
+        customDomains = [ "${domainName}" "www.${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
-        name = "https.adtya.xyz";
+        name = "https.${domainName}";
        type = "https";
-        customDomains = [ "adtya.xyz" "www.adtya.xyz" ];
+        customDomains = [ "${domainName}" "www.${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
--- a/hosts/rico1/services/apps/proofs.nix
+++ b/hosts/rico1/services/apps/proofs.nix
@ -1,7 +1,13 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "proofs.adtya.xyz";
+in
+{
  services = {
    caddy.virtualHosts = {
-      "proofs.adtya.xyz" = {
+      "${domainName}" = {
+        logFormat = logFormat domainName;
        extraConfig = ''
          redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849
        '';
@ -10,16 +16,16 @@ _: {

    frp.settings.proxies = [
      {
-        name = "http.proofs.adtya.xyz";
+        name = "http.${domainName}";
        type = "http";
-        customDomains = [ "proofs.adtya.xyz" ];
+        customDomains = [ "${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
-        name = "https.proofs.adtya.xyz";
+        name = "https.${domainName}";
        type = "https";
-        customDomains = [ "proofs.adtya.xyz" ];
+        customDomains = [ "${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
--- a/hosts/rico1/services/apps/wiki.nix
+++ b/hosts/rico1/services/apps/wiki.nix
@ -1,6 +1,12 @@
-{ inputs, pkgs, ... }: {
+{ inputs, pkgs, ... }:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "wiki.adtya.xyz";
+in
+{
  services = {
-    caddy.virtualHosts."wiki.adtya.xyz" = {
+    caddy.virtualHosts."${domainName}" = {
+      logFormat = logFormat domainName;
      extraConfig = ''
        handle {
          root * ${inputs.wiki.packages.${pkgs.system}.default}/share/web
@ -12,16 +18,16 @@
    };
    frp.settings.proxies = [
      {
-        name = "http.wiki.adtya.xyz";
+        name = "http.${domainName}";
        type = "http";
-        customDomains = [ "wiki.adtya.xyz" ];
+        customDomains = [ "${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
-        name = "https.wiki.adtya.xyz";
+        name = "https.${domainName}";
        type = "https";
-        customDomains = [ "wiki.adtya.xyz" ];
+        customDomains = [ "${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
--- a/hosts/wynne/services/apps/acomputer.lol.nix
+++ b/hosts/wynne/services/apps/acomputer.lol.nix
@ -1,32 +1,38 @@
-_: {
+_:
+let
+  inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "acomputer.lol";
+in
+{
  services = {
-    caddy.virtualHosts."acomputer.lol" = {
+    caddy.virtualHosts."${domainName}" = {
+      logFormat = logFormat domainName;
      extraConfig = ''
        handle /.well-known/matrix/server {
          header Content-Type application/json
          header Access-Control-Allow-Origin *
-          respond `{"m.server": "matrix.acomputer.lol:443"}`
+          respond `{"m.server": "matrix.${domainName}:443"}`
        }

        handle /.well-known/matrix/client {
          header Content-Type application/json
          header Access-Control-Allow-Origin *
-          respond `{"m.homeserver": {"base_url": "https://matrix.acomputer.lol:443"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.acomputer.lol"}}`
+          respond `{"m.homeserver": {"base_url": "https://matrix.${domainName}:443"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.${domainName}"}}`
        }
      '';
    };
    frp.settings.proxies = [
      {
-        name = "http.acomputer.lol";
+        name = "http.${domainName}";
        type = "http";
-        customDomains = [ "acomputer.lol" ];
+        customDomains = [ "${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
-        name = "https.acomputer.lol";
+        name = "https.${domainName}";
        type = "https";
-        customDomains = [ "acomputer.lol" ];
+        customDomains = [ "${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
--- a/hosts/wynne/services/apps/dendrite/default.nix
+++ b/hosts/wynne/services/apps/dendrite/default.nix
@ -1,15 +1,21 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }:
+let
+  inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
+  domainName = "matrix.acomputer.lol";
+in
+{
  sops = {
    secrets = {
      "matrix/syncv3_secret" = {
        mode = "444";
        owner = config.users.users.root.name;
-        group = config.users.users.root.group;
+        inherit (config.users.users.root) group;
      };
    };
  };
  services = {
-    caddy.virtualHosts."matrix.acomputer.lol" = {
+    caddy.virtualHosts."${domainName}" = {
+      logFormat = logFormat domainName;
      extraConfig = ''
        reverse_proxy /client/* 127.0.0.1:8009
        reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009
@ -20,16 +26,16 @@
    };
    frp.settings.proxies = [
      {
-        name = "http.matrix.acomputer.lol";
+        name = "http.${domainName}";
        type = "http";
-        customDomains = [ "matrix.acomputer.lol" ];
+        customDomains = [ "${domainName}" ];
        localPort = 80;
        transport.useCompression = true;
      }
      {
-        name = "https.matrix.acomputer.lol";
+        name = "https.${domainName}";
        type = "https";
-        customDomains = [ "matrix.acomputer.lol" ];
+        customDomains = [ "${domainName}" ];
        localPort = 443;
        transport.useCompression = true;
      }
@ -37,7 +43,7 @@
    matrix-sliding-sync = {
      enable = true;
      settings = {
-        SYNCV3_SERVER = "https://matrix.acomputer.lol";
+        SYNCV3_SERVER = "https://${domainName}";
        SYNCV3_BINDADDR = "127.0.0.1:8009";
        SYNCV3_DB = "postgresql://dendrite@localhost/dendrite?sslmode=disable";
      };