From fb13e6c63a3fbe87d26a290deb7d40751c10198c Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Thu, 31 Oct 2024 14:39:20 +0530 Subject: [PATCH] all: use global acme_dns config --- hosts/layne/services/apps/jackett.nix | 3 +-- hosts/layne/services/apps/jellyfin.nix | 4 +--- hosts/layne/services/apps/radarr.nix | 3 +-- hosts/layne/services/apps/readarr.nix | 3 +-- hosts/layne/services/apps/sonarr.nix | 3 +-- hosts/layne/services/apps/transmission.nix | 3 +-- hosts/rico1/services/apps/blocky.nix | 3 +-- hosts/rico1/services/apps/default.nix | 6 +----- hosts/rico1/services/apps/loki/default.nix | 3 +-- hosts/rico1/services/apps/prometheus.nix | 3 +-- hosts/rico2/services/apps/alertmanager.nix | 3 +-- hosts/rico2/services/apps/blocky.nix | 3 +-- hosts/rico2/services/apps/grafana.nix | 3 +-- hosts/shared/caddy-helpers.nix | 6 ------ hosts/shared/caddy.nix | 1 + hosts/shared/prometheus-exporters.nix | 3 +-- hosts/shared/promtail.nix | 2 +- hosts/wynne/services/apps/ntfy.nix | 3 +-- 18 files changed, 17 insertions(+), 41 deletions(-) diff --git a/hosts/layne/services/apps/jackett.nix b/hosts/layne/services/apps/jackett.nix index 581232c..a52b8ea 100644 --- a/hosts/layne/services/apps/jackett.nix +++ b/hosts/layne/services/apps/jackett.nix @@ -1,13 +1,12 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { caddy.virtualHosts."jackett.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9117 ''; }; diff --git a/hosts/layne/services/apps/jellyfin.nix b/hosts/layne/services/apps/jellyfin.nix index cce2e83..18cbd57 100644 --- a/hosts/layne/services/apps/jellyfin.nix +++ b/hosts/layne/services/apps/jellyfin.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { @@ -9,14 +9,12 @@ in "jellyfin.local.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8096 ''; }; "jellyfin.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8096 ''; }; diff --git a/hosts/layne/services/apps/radarr.nix b/hosts/layne/services/apps/radarr.nix index 7a409cd..d881380 100644 --- a/hosts/layne/services/apps/radarr.nix +++ b/hosts/layne/services/apps/radarr.nix @@ -1,13 +1,12 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { caddy.virtualHosts."radarr.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:7878 ''; }; diff --git a/hosts/layne/services/apps/readarr.nix b/hosts/layne/services/apps/readarr.nix index 44c3242..ecebc6a 100644 --- a/hosts/layne/services/apps/readarr.nix +++ b/hosts/layne/services/apps/readarr.nix @@ -1,13 +1,12 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { caddy.virtualHosts."readarr.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8787 ''; }; diff --git a/hosts/layne/services/apps/sonarr.nix b/hosts/layne/services/apps/sonarr.nix index 47db600..64b0d0b 100644 --- a/hosts/layne/services/apps/sonarr.nix +++ b/hosts/layne/services/apps/sonarr.nix @@ -1,13 +1,12 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { caddy.virtualHosts."sonarr.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8989 ''; }; diff --git a/hosts/layne/services/apps/transmission.nix b/hosts/layne/services/apps/transmission.nix index 00b652b..1e70c8c 100644 --- a/hosts/layne/services/apps/transmission.nix +++ b/hosts/layne/services/apps/transmission.nix @@ -1,6 +1,6 @@ { pkgs, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { services = { @@ -8,7 +8,6 @@ in virtualHosts."transmission.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9091 ''; }; diff --git a/hosts/rico1/services/apps/blocky.nix b/hosts/rico1/services/apps/blocky.nix index 7d53c81..51eca18 100644 --- a/hosts/rico1/services/apps/blocky.nix +++ b/hosts/rico1/services/apps/blocky.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "blocky.rico1.labs.adtya.xyz"; in { @@ -12,7 +12,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8080 ''; }; diff --git a/hosts/rico1/services/apps/default.nix b/hosts/rico1/services/apps/default.nix index 9cf4721..6f776e6 100644 --- a/hosts/rico1/services/apps/default.nix +++ b/hosts/rico1/services/apps/default.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; in { imports = [ @@ -16,28 +16,24 @@ in "gateway.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 192.168.0.1:80 ''; }; "ap1.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.1:80 ''; }; "ap2.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.2:80 ''; }; "switch.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 192.168.1.3:80 ''; }; diff --git a/hosts/rico1/services/apps/loki/default.nix b/hosts/rico1/services/apps/loki/default.nix index 5f9a8bb..629ef5b 100644 --- a/hosts/rico1/services/apps/loki/default.nix +++ b/hosts/rico1/services/apps/loki/default.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../../shared/caddy-helpers.nix) logFormat; domainName = "loki.labs.adtya.xyz"; in { @@ -9,7 +9,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:3100 ''; }; diff --git a/hosts/rico1/services/apps/prometheus.nix b/hosts/rico1/services/apps/prometheus.nix index abf4ff4..1566f12 100644 --- a/hosts/rico1/services/apps/prometheus.nix +++ b/hosts/rico1/services/apps/prometheus.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "prometheus.labs.adtya.xyz"; in { @@ -9,7 +9,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9090 ''; }; diff --git a/hosts/rico2/services/apps/alertmanager.nix b/hosts/rico2/services/apps/alertmanager.nix index 7c17962..b39e78e 100644 --- a/hosts/rico2/services/apps/alertmanager.nix +++ b/hosts/rico2/services/apps/alertmanager.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "alertmanager.labs.adtya.xyz"; in { @@ -9,7 +9,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9093 ''; }; diff --git a/hosts/rico2/services/apps/blocky.nix b/hosts/rico2/services/apps/blocky.nix index 3c9a66d..dd2ba16 100644 --- a/hosts/rico2/services/apps/blocky.nix +++ b/hosts/rico2/services/apps/blocky.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "blocky.rico2.labs.adtya.xyz"; in { @@ -12,7 +12,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:8080 ''; }; diff --git a/hosts/rico2/services/apps/grafana.nix b/hosts/rico2/services/apps/grafana.nix index 5c5ea78..2f50c6e 100644 --- a/hosts/rico2/services/apps/grafana.nix +++ b/hosts/rico2/services/apps/grafana.nix @@ -1,6 +1,6 @@ _: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "grafana.labs.adtya.xyz"; in { @@ -9,7 +9,6 @@ in virtualHosts."${domainName}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} reverse_proxy 127.0.0.1:9091 ''; }; diff --git a/hosts/shared/caddy-helpers.nix b/hosts/shared/caddy-helpers.nix index 0f4f477..857b711 100644 --- a/hosts/shared/caddy-helpers.nix +++ b/hosts/shared/caddy-helpers.nix @@ -4,10 +4,4 @@ format json level ERROR ''; - - tlsAcmeDnsChallenge = '' - tls { - dns hetzner {env.HETZNER_ACCESS_TOKEN} - } - ''; } diff --git a/hosts/shared/caddy.nix b/hosts/shared/caddy.nix index cdf1a68..7f1b161 100644 --- a/hosts/shared/caddy.nix +++ b/hosts/shared/caddy.nix @@ -17,6 +17,7 @@ in package = inputs.caddy.packages.${pkgs.system}.caddy; email = "admin@acomputer.lol"; globalConfig = '' + acme_dns hetzner {env.HETZNER_ACCESS_TOKEN} servers { trusted_proxies static private_ranges 10.10.10.0/24 client_ip_headers X-Forwarded-For X-Real-IP diff --git a/hosts/shared/prometheus-exporters.nix b/hosts/shared/prometheus-exporters.nix index 629d735..5740117 100644 --- a/hosts/shared/prometheus-exporters.nix +++ b/hosts/shared/prometheus-exporters.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - inherit (import ./caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ./caddy-helpers.nix) logFormat; in { services = { @@ -12,7 +12,6 @@ in virtualHosts."${vHost}" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} metrics /caddy-metrics handle /metrics { reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port} diff --git a/hosts/shared/promtail.nix b/hosts/shared/promtail.nix index a2dfd59..a9e0ec3 100644 --- a/hosts/shared/promtail.nix +++ b/hosts/shared/promtail.nix @@ -1,4 +1,4 @@ -{ config, ... }: { +_: { services = { promtail = { enable = true; diff --git a/hosts/wynne/services/apps/ntfy.nix b/hosts/wynne/services/apps/ntfy.nix index c9bbc35..d3eb5f0 100644 --- a/hosts/wynne/services/apps/ntfy.nix +++ b/hosts/wynne/services/apps/ntfy.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; + inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "ntfy.acomputer.lol"; in { @@ -9,7 +9,6 @@ in "${config.networking.hostName}.labs.adtya.xyz" = { inherit logFormat; extraConfig = '' - ${tlsAcmeDnsChallenge} handle /ntfy-metrics { uri replace /ntfy-metrics /metrics reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}