diff --git a/hosts/rico0/services/apps/alertmanager.nix b/hosts/rico0/services/apps/alertmanager.nix
index 9dfe4f7..cbffd4b 100644
--- a/hosts/rico0/services/apps/alertmanager.nix
+++ b/hosts/rico0/services/apps/alertmanager.nix
@@ -1,7 +1,13 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "alertmanager.labs.adtya.xyz";
+in
+{
 services = {
 caddy = {
- virtualHosts."alertmanager.labs.adtya.xyz" = {
+ virtualHosts."${domainName}" = {
+ logFormat = logFormat "${domainName}";
 extraConfig = ''
 reverse_proxy 127.0.0.1:9093
 '';
@@ -11,7 +17,7 @@ _: {
 enable = true;
 listenAddress = "127.0.0.1";
 port = 9093;
- webExternalUrl = "https://alertmanager.labs.adtya.xyz/";
+ webExternalUrl = "https://${domainName}/";
 configuration = {
 route = {
 group_by = [ "alertname" ];
diff --git a/hosts/rico0/services/apps/blocky.nix b/hosts/rico0/services/apps/blocky.nix
index a566018..e6304eb 100644
--- a/hosts/rico0/services/apps/blocky.nix
+++ b/hosts/rico0/services/apps/blocky.nix
@@ -1,4 +1,9 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "block.labs.adtya.xyz";
+in
+{
 networking = {
 firewall = {
 allowedTCPPorts = [
@@ -12,7 +17,8 @@ _: {
 systemd.services.blocky.unitConfig.After = [ "network-online.target" "wireguard-wg0.service" ];
 services = {
 caddy = {
- virtualHosts."blocky.labs.adtya.xyz" = {
+ virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 reverse_proxy 127.0.0.1:8080
 '';
diff --git a/hosts/rico0/services/apps/grafana.nix b/hosts/rico0/services/apps/grafana.nix
index b342e26..4e4c3e6 100644
--- a/hosts/rico0/services/apps/grafana.nix
+++ b/hosts/rico0/services/apps/grafana.nix
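Review bot: In the first hunk of hosts/rico0/services/apps/alertmanager.nix the vhost body is still only `reverse_proxy 127.0.0.1:9093`, so nothing visible here authenticates or restricts callers before they reach Alertmanager, which has no login of its own by default. The same shape appears in the prometheus.nix and loki.nix hunks (ports 9090 and 3100). If `labs.adtya.xyz` is not confined to the WireGuard network by a firewall or bind rule defined elsewhere, add an authentication directive or a `remote_ip` matcher to `extraConfig`. The `services` attribute set continues past the end of the hunk, so this is inferred from the visible lines only.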
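Review bot: `domainName = "block.labs.adtya.xyz";` in the first hunk of hosts/rico0/services/apps/blocky.nix does not match the name this file served before, `blocky.labs.adtya.xyz` (the removed `virtualHosts` line in the second hunk). As written, Caddy would stop answering for the old name and, with automatic HTTPS, would try to obtain a certificate for `block.labs.adtya.xyz`, which presumably has no DNS record. If the rename is unintended, use `domainName = "blocky.labs.adtya.xyz";`.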
@@ -1,7 +1,13 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "grafana.labs.adtya.xyz";
+in
+{
 services = {
 caddy = {
- virtualHosts."grafana.labs.adtya.xyz" = {
+ virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 reverse_proxy 127.0.0.1:9091
 '';
@@ -11,7 +17,7 @@ _: {
 enable = true;
 settings = {
 server = {
- domain = "grafana.labs.adtya.xyz";
+ domain = domainName;
 http_addr = "127.0.0.1";
 http_port = 9091;
 };
diff --git a/hosts/rico0/services/apps/loki.nix b/hosts/rico0/services/apps/loki.nix
index cb44bee..fd770f6 100644
--- a/hosts/rico0/services/apps/loki.nix
+++ b/hosts/rico0/services/apps/loki.nix
@@ -1,7 +1,13 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "loki.labs.adtyz.xyz";
+in
+{
 services = {
 caddy = {
- virtualHosts."loki.labs.adtya.xyz" = {
+ virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 reverse_proxy 127.0.0.1:3100
 '';
diff --git a/hosts/rico0/services/apps/prometheus.nix b/hosts/rico0/services/apps/prometheus.nix
index 4a1491a..69ab5b8 100644
--- a/hosts/rico0/services/apps/prometheus.nix
+++ b/hosts/rico0/services/apps/prometheus.nix
@@ -1,7 +1,13 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "prometheus.labs.adtya.xyz";
+in
+{
 services = {
 caddy = {
- virtualHosts."prometheus.labs.adtya.xyz" = {
+ virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 reverse_proxy 127.0.0.1:9090
 '';
diff --git a/hosts/rico1/services/apps/adtya.xyz.nix b/hosts/rico1/services/apps/adtya.xyz.nix
index 4f89867..59a89b3 100644
--- a/hosts/rico1/services/apps/adtya.xyz.nix
+++ b/hosts/rico1/services/apps/adtya.xyz.nix
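Review bot: `domainName = "loki.labs.adtyz.xyz";` in hosts/rico0/services/apps/loki.nix spells the zone `adtyz.xyz`, while the removed `virtualHosts` line and every other file in this commit use `adtya.xyz`. The vhost would then be keyed on a name under a different registrable domain, so clients addressing `loki.labs.adtya.xyz` would no longer match it, and Caddy's automatic HTTPS would attempt issuance for a domain that may belong to someone else. Use `domainName = "loki.labs.adtya.xyz";`. An evaluation-time assertion that every vhost name ends in an expected zone would catch this kind of slip in a refactor that is meant to be behavior-preserving.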
@@ -1,7 +1,13 @@
-{ inputs, pkgs, ... }: {
+{ inputs, pkgs, ... }:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "adtya.xyz";
+in
+{
 services = {
- caddy.virtualHosts."adtya.xyz" = {
- serverAliases = [ "www.adtya.xyz" ];
+ caddy.virtualHosts."${domainName}" = {
+ serverAliases = [ "www.${domainName}" ];
+ logFormat = logFormat domainName;
 extraConfig = ''
 handle {
 root * ${inputs.adtyaxyz.packages.${pkgs.system}.default}/share/web
@@ -13,16 +19,16 @@
 };
 frp.settings.proxies = [
 {
- name = "http.adtya.xyz";
+ name = "http.${domainName}";
 type = "http";
- customDomains = [ "adtya.xyz" "www.adtya.xyz" ];
+ customDomains = [ "${domainName}" "www.${domainName}" ];
 localPort = 80;
 transport.useCompression = true;
 }
 {
- name = "https.adtya.xyz";
+ name = "https.${domainName}";
 type = "https";
- customDomains = [ "adtya.xyz" "www.adtya.xyz" ];
+ customDomains = [ "${domainName}" "www.${domainName}" ];
 localPort = 443;
 transport.useCompression = true;
 }
diff --git a/hosts/rico1/services/apps/proofs.nix b/hosts/rico1/services/apps/proofs.nix
index 2a02d8b..b75732f 100644
--- a/hosts/rico1/services/apps/proofs.nix
+++ b/hosts/rico1/services/apps/proofs.nix
@@ -1,7 +1,13 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "proofs.adtya.xyz";
+in
+{
 services = {
 caddy.virtualHosts = {
- "proofs.adtya.xyz" = {
+ "${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 redir https://keyoxide.org/hkp/51E4F5AB1B82BE45B4229CC243A5E25AA5A27849
 '';
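Review bot: In the second hunk of hosts/rico1/services/apps/adtya.xyz.nix, `customDomains = [ "${domainName}" "www.${domainName}" ];` wraps a bare string variable in an interpolation that adds nothing; `customDomains = [ domainName "www.${domainName}" ];` reads more directly. The same redundant form appears in the `customDomains` lists of proofs.nix, wiki.nix, acomputer.lol.nix and dendrite/default.nix, and in `logFormat = logFormat "${domainName}";` in alertmanager.nix, where the other files already write `logFormat domainName`. The `virtualHosts."${domainName}"` keys can likewise be written `virtualHosts.${domainName}`. The proxies list continues past the end of the hunk.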
@@ -10,16 +16,16 @@ _: {
 frp.settings.proxies = [
 {
- name = "http.proofs.adtya.xyz";
+ name = "http.${domainName}";
 type = "http";
- customDomains = [ "proofs.adtya.xyz" ];
+ customDomains = [ "${domainName}" ];
 localPort = 80;
 transport.useCompression = true;
 }
 {
- name = "https.proofs.adtya.xyz";
+ name = "https.${domainName}";
 type = "https";
- customDomains = [ "proofs.adtya.xyz" ];
+ customDomains = [ "${domainName}" ];
 localPort = 443;
 transport.useCompression = true;
 }
diff --git a/hosts/rico1/services/apps/wiki.nix b/hosts/rico1/services/apps/wiki.nix
index aafe364..7c2c328 100644
--- a/hosts/rico1/services/apps/wiki.nix
+++ b/hosts/rico1/services/apps/wiki.nix
@@ -1,6 +1,12 @@
-{ inputs, pkgs, ... }: {
+{ inputs, pkgs, ... }:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "wiki.adtya.xyz";
+in
+{
 services = {
- caddy.virtualHosts."wiki.adtya.xyz" = {
+ caddy.virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 handle {
 root * ${inputs.wiki.packages.${pkgs.system}.default}/share/web
@@ -12,16 +18,16 @@
 };
 frp.settings.proxies = [
 {
- name = "http.wiki.adtya.xyz";
+ name = "http.${domainName}";
 type = "http";
- customDomains = [ "wiki.adtya.xyz" ];
+ customDomains = [ "${domainName}" ];
 localPort = 80;
 transport.useCompression = true;
 }
 {
- name = "https.wiki.adtya.xyz";
+ name = "https.${domainName}";
 type = "https";
- customDomains = [ "wiki.adtya.xyz" ];
+ customDomains = [ "${domainName}" ];
 localPort = 443;
 transport.useCompression = true;
 }
diff --git a/hosts/wynne/services/apps/acomputer.lol.nix b/hosts/wynne/services/apps/acomputer.lol.nix
index 48df1b3..95bdfc8 100644
--- a/hosts/wynne/services/apps/acomputer.lol.nix
+++ b/hosts/wynne/services/apps/acomputer.lol.nix
@@ -1,32 +1,38 @@
-_: {
+_:
+let
+ inherit (import ../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "acomputer.lol";
+in
+{
 services = {
- caddy.virtualHosts."acomputer.lol" = {
+ caddy.virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 handle /.well-known/matrix/server {
 header Content-Type application/json
 header Access-Control-Allow-Origin *
- respond `{"m.server": "matrix.acomputer.lol:443"}`
+ respond `{"m.server": "matrix.${domainName}:443"}`
 }
 handle /.well-known/matrix/client {
 header Content-Type application/json
 header Access-Control-Allow-Origin *
- respond `{"m.homeserver": {"base_url": "https://matrix.acomputer.lol:443"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.acomputer.lol"}}`
+ respond `{"m.homeserver": {"base_url": "https://matrix.${domainName}:443"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.${domainName}"}}`
 }
 '';
 };
 frp.settings.proxies = [
 {
- name = "http.acomputer.lol";
+ name = "http.${domainName}";
 type = "http";
- customDomains = [ "acomputer.lol" ];
+ customDomains = [ "${domainName}" ];
 localPort = 80;
 transport.useCompression = true;
 }
 {
- name = "https.acomputer.lol";
+ name = "https.${domainName}";
 type = "https";
- customDomains = [ "acomputer.lol" ];
+ customDomains = [ "${domainName}" ];
 localPort = 443;
 transport.useCompression = true;
 }
diff --git a/hosts/wynne/services/apps/dendrite/default.nix b/hosts/wynne/services/apps/dendrite/default.nix
index 06e6f51..1a1cb74 100644
--- a/hosts/wynne/services/apps/dendrite/default.nix
+++ b/hosts/wynne/services/apps/dendrite/default.nix
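Review bot: The two `respond` lines in hosts/wynne/services/apps/acomputer.lol.nix now build the homeserver name as `matrix.${domainName}`, while hosts/wynne/services/apps/dendrite/default.nix sets its own `domainName = "matrix.acomputer.lol";`, so the delegation document and the vhost it points at stay in step only by convention. If the two drift, the `.well-known` responses would direct clients and federating servers to a host this configuration does not serve. A named binding with a comment, such as `matrixDomain = "matrix.${domainName}"; # must equal domainName in ./dendrite/default.nix`, or one shared definition imported by both files, would make the dependency explicit.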
@@ -1,15 +1,21 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, ... }:
+let
+ inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
+ domainName = "matrix.acomputer.lol";
+in
+{
 sops = {
 secrets = {
 "matrix/syncv3_secret" = {
 mode = "444";
 owner = config.users.users.root.name;
- group = config.users.users.root.group;
+ inherit (config.users.users.root) group;
 };
 };
 };
 services = {
- caddy.virtualHosts."matrix.acomputer.lol" = {
+ caddy.virtualHosts."${domainName}" = {
+ logFormat = logFormat domainName;
 extraConfig = ''
 reverse_proxy /client/* 127.0.0.1:8009
 reverse_proxy /_matrix/client/unstable/org.matrix.msc3575/sync 127.0.0.1:8009
@@ -20,16 +26,16 @@
 };
 frp.settings.proxies = [
 {
- name = "http.matrix.acomputer.lol";
+ name = "http.${domainName}";
 type = "http";
- customDomains = [ "matrix.acomputer.lol" ];
+ customDomains = [ "${domainName}" ];
 localPort = 80;
 transport.useCompression = true;
 }
 {
- name = "https.matrix.acomputer.lol";
+ name = "https.${domainName}";
 type = "https";
- customDomains = [ "matrix.acomputer.lol" ];
+ customDomains = [ "${domainName}" ];
 localPort = 443;
 transport.useCompression = true;
 }
@@ -37,7 +43,7 @@
 matrix-sliding-sync = {
 enable = true;
 settings = {
- SYNCV3_SERVER = "https://matrix.acomputer.lol";
+ SYNCV3_SERVER = "https://${domainName}";
 SYNCV3_BINDADDR = "127.0.0.1:8009";
 SYNCV3_DB = "postgresql://dendrite@localhost/dendrite?sslmode=disable";
 };
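Review bot: The `"matrix/syncv3_secret"` entry in the first hunk of hosts/wynne/services/apps/dendrite/default.nix keeps `mode = "444";`, which leaves the decrypted sliding-sync secret readable by every local account even though owner and group are root. The hunk rewrites the `group` line directly below it but leaves the mode unchanged. If the secret reaches the service through a systemd environment or credential file (the consuming option is outside this diff), `mode = "0400";` should be enough; otherwise set `owner` to the account the service runs as and keep the mode at `0400`.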