adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

all: use global acme_dns config

Browse source
This commit is contained in:
Adithya 2024-10-31 14:39:20 +05:30
parent 9ed9c46a41
commit fb13e6c63a
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
18 changed files with 17 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
hosts/layne/services/apps/jackett.nix
View file

@ -1,13 +1,12 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
caddy.virtualHosts."jackett.labs.adtya.xyz" = { caddy.virtualHosts."jackett.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9117 reverse_proxy 127.0.0.1:9117
''; '';
}; };

4
hosts/layne/services/apps/jellyfin.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
@ -9,14 +9,12 @@ in
"jellyfin.local.adtya.xyz" = { "jellyfin.local.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';
}; };
"jellyfin.labs.adtya.xyz" = { "jellyfin.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096 reverse_proxy 127.0.0.1:8096
''; '';
}; };

3
hosts/layne/services/apps/radarr.nix
View file

@ -1,13 +1,12 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
caddy.virtualHosts."radarr.labs.adtya.xyz" = { caddy.virtualHosts."radarr.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:7878 reverse_proxy 127.0.0.1:7878
''; '';
}; };

3
hosts/layne/services/apps/readarr.nix
View file

@ -1,13 +1,12 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
caddy.virtualHosts."readarr.labs.adtya.xyz" = { caddy.virtualHosts."readarr.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8787 reverse_proxy 127.0.0.1:8787
''; '';
}; };

3
hosts/layne/services/apps/sonarr.nix
View file

@ -1,13 +1,12 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
caddy.virtualHosts."sonarr.labs.adtya.xyz" = { caddy.virtualHosts."sonarr.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8989 reverse_proxy 127.0.0.1:8989
''; '';
}; };

3
hosts/layne/services/apps/transmission.nix
View file

@ -1,6 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
@ -8,7 +8,6 @@ in
virtualHosts."transmission.labs.adtya.xyz" = { virtualHosts."transmission.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091 reverse_proxy 127.0.0.1:9091
''; '';
}; };

3
hosts/rico1/services/apps/blocky.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "blocky.rico1.labs.adtya.xyz"; domainName = "blocky.rico1.labs.adtya.xyz";
in in
{ {
@ -12,7 +12,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8080 reverse_proxy 127.0.0.1:8080
''; '';
}; };

6
hosts/rico1/services/apps/default.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in in
{ {
imports = [ imports = [
@ -16,28 +16,24 @@ in
"gateway.labs.adtya.xyz" = { "gateway.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.0.1:80 reverse_proxy 192.168.0.1:80
''; '';
}; };
"ap1.labs.adtya.xyz" = { "ap1.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.1:80 reverse_proxy 192.168.1.1:80
''; '';
}; };
"ap2.labs.adtya.xyz" = { "ap2.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.2:80 reverse_proxy 192.168.1.2:80
''; '';
}; };
"switch.labs.adtya.xyz" = { "switch.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.3:80 reverse_proxy 192.168.1.3:80
''; '';
}; };

3
hosts/rico1/services/apps/loki/default.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
domainName = "loki.labs.adtya.xyz"; domainName = "loki.labs.adtya.xyz";
in in
{ {
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:3100 reverse_proxy 127.0.0.1:3100
''; '';
}; };

3
hosts/rico1/services/apps/prometheus.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "prometheus.labs.adtya.xyz"; domainName = "prometheus.labs.adtya.xyz";
in in
{ {
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9090 reverse_proxy 127.0.0.1:9090
''; '';
}; };

3
hosts/rico2/services/apps/alertmanager.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "alertmanager.labs.adtya.xyz"; domainName = "alertmanager.labs.adtya.xyz";
in in
{ {
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9093 reverse_proxy 127.0.0.1:9093
''; '';
}; };

3
hosts/rico2/services/apps/blocky.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "blocky.rico2.labs.adtya.xyz"; domainName = "blocky.rico2.labs.adtya.xyz";
in in
{ {
@ -12,7 +12,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8080 reverse_proxy 127.0.0.1:8080
''; '';
}; };

3
hosts/rico2/services/apps/grafana.nix
View file

@ -1,6 +1,6 @@
_: _:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "grafana.labs.adtya.xyz"; domainName = "grafana.labs.adtya.xyz";
in in
{ {
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = { virtualHosts."${domainName}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091 reverse_proxy 127.0.0.1:9091
''; '';
}; };

6
hosts/shared/caddy-helpers.nix
View file

@ -4,10 +4,4 @@
format json format json
level ERROR level ERROR
''; '';
tlsAcmeDnsChallenge = ''
tls {
dns hetzner {env.HETZNER_ACCESS_TOKEN}
}
'';
} }

1
hosts/shared/caddy.nix
View file

@ -17,6 +17,7 @@ in
package = inputs.caddy.packages.${pkgs.system}.caddy; package = inputs.caddy.packages.${pkgs.system}.caddy;
email = "admin@acomputer.lol"; email = "admin@acomputer.lol";
globalConfig = '' globalConfig = ''
acme_dns hetzner {env.HETZNER_ACCESS_TOKEN}
servers { servers {
trusted_proxies static private_ranges 10.10.10.0/24 trusted_proxies static private_ranges 10.10.10.0/24
client_ip_headers X-Forwarded-For X-Real-IP client_ip_headers X-Forwarded-For X-Real-IP

3
hosts/shared/prometheus-exporters.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }: { lib, config, ... }:
let let
inherit (import ./caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ./caddy-helpers.nix) logFormat;
in in
{ {
services = { services = {
@ -12,7 +12,6 @@ in
virtualHosts."${vHost}" = { virtualHosts."${vHost}" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
metrics /caddy-metrics metrics /caddy-metrics
handle /metrics { handle /metrics {
reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port} reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port}

2
hosts/shared/promtail.nix
View file

@ -1,4 +1,4 @@
{ config, ... }: { _: {
services = { services = {
promtail = { promtail = {
enable = true; enable = true;

3
hosts/wynne/services/apps/ntfy.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }: { lib, config, ... }:
let let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge; inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "ntfy.acomputer.lol"; domainName = "ntfy.acomputer.lol";
in in
{ {
@ -9,7 +9,6 @@ in
"${config.networking.hostName}.labs.adtya.xyz" = { "${config.networking.hostName}.labs.adtya.xyz" = {
inherit logFormat; inherit logFormat;
extraConfig = '' extraConfig = ''
${tlsAcmeDnsChallenge}
handle /ntfy-metrics { handle /ntfy-metrics {
uri replace /ntfy-metrics /metrics uri replace /ntfy-metrics /metrics
reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http} reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}