diff --git a/modules/home/containers/beszel.nix b/modules/home/containers/beszel.nix index 1b4b0a8..eedfee5 100644 --- a/modules/home/containers/beszel.nix +++ b/modules/home/containers/beszel.nix @@ -49,6 +49,12 @@ in { }; }; + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "beszel"; + host = "monitor"; + url = "beszel:8090"; + }]; + sops.secrets = { "containers/beszel/key" = { }; }; diff --git a/modules/home/containers/caddy.nix b/modules/home/containers/caddy.nix index 6a0570b..4d65a45 100644 --- a/modules/home/containers/caddy.nix +++ b/modules/home/containers/caddy.nix @@ -5,8 +5,8 @@ with lib; let cfg = config.settings.containers.caddy; - generateRoutes = entries: lib.concatMapStrings (route: '' - @${route.name} host ${route.host} + generateRoutes = domain: entries: lib.concatMapStrings (route: '' + @${route.name} host ${route.host}.${domain} handle @${route.name} { reverse_proxy ${route.url} } @@ -29,7 +29,7 @@ let }; in { options = { - settings.containers.caddy.enable = lib.mkOption { + settings.containers.caddy.enable = mkOption { type = lib.types.bool; default = false; description = '' @@ -37,8 +37,16 @@ in { ''; }; - settings.containers.caddy.routes.tbmrs = routesOption; - settings.containers.caddy.routes.tbmrs-local = routesOption; + settings.containers.caddy.routes = mkOption { + type = lib.types.attrsOf (types.submodule { + options = { + routes = routesOption; + domain = mkOption { + type = types.str; + }; + }; + }); + }; }; config = mkIf cfg.enable { @@ -59,48 +67,10 @@ in { ]; }; - settings.containers.caddy.routes.tbmrs = [ - { - name = "kanidm"; - host = "auth"; - url = "https://auth.tbmrs.nl"; - } - { - name = "forgejo"; - host = "git"; - url = "forgejo:3000"; - } - { - name = "immich"; - host = "photos"; - url = "immich-server:2283"; - } - { - name = "homepage"; - host = "home"; - url = "homepage:3000"; - } - { - name = "uptime-kuma"; - host = "uptime"; - url = "uptime-kuma:3001"; - } - { - name = "pingvin-share"; - host = "share"; - url = "pingvin-share:3000"; - } - { - name = "dufs"; - host = "files"; - url = "dufs:5000"; - } - { - name = "stalwart"; - host = "mail"; - url = "stalwart:8000"; - } - ]; + settings.containers.caddy.routes = { + tbmrs.domain = "tbmrs.nl"; + tbmrs-local.domain = "local.tbmrs.nl"; + }; home.file."containers/caddy/Caddyfile".text = '' *.tbmrs.nl, tbmrs.nl { @@ -109,7 +79,7 @@ in { resolvers 1.1.1.1 } - ${generateRoutes cfg.routes.tbmrs} + ${generateRoutes cfg.routes.tbmrs.domain cfg.routes.tbmrs.routes} } *.local.tbmrs.nl { @@ -118,45 +88,7 @@ in { resolvers 1.1.1.1 } - @vaultwarden host vault.local.tbmrs.nl - handle @vaultwarden { - reverse_proxy vaultwarden:80 - } - - @paperless-ngx host paperless.local.tbmrs.nl - handle @paperless-ngx { - reverse_proxy paperless-ngx:8000 - } - - @beszel host monitor.local.tbmrs.nl - handle @beszel { - reverse_proxy beszel:8090 - } - - @syncthing host syncthing.local.tbmrs.nl - handle @syncthing { - reverse_proxy syncthing:8384 - } - - @homeassistant host home-assistant.local.tbmrs.nl - handle @homeassistant { - reverse_proxy homeassistant:8123 - } - - @karakeep host karakeep.local.tbmrs.nl - handle @karakeep { - reverse_proxy karakeep:3000 - } - - @vikunja host vikunja.local.tbmrs.nl - handle @vikunja { - reverse_proxy vikunja:3456 - } - - @linkding host linkding.local.tbmrs.nl - handle @linkding { - reverse_proxy linkding:9090 - } + ${generateRoutes cfg.routes.tbmrs-local.domain cfg.routes.tbmrs-local.routes} } ''; }; diff --git a/modules/home/containers/forgejo.nix b/modules/home/containers/forgejo.nix index 0ba3526..752b24f 100644 --- a/modules/home/containers/forgejo.nix +++ b/modules/home/containers/forgejo.nix @@ -28,5 +28,11 @@ in { FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM = false; }; }; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "forgejo"; + host = "git"; + url = "forgejo:3000"; + }]; }; } diff --git a/modules/home/containers/homeassistant.nix b/modules/home/containers/homeassistant.nix index 7dea2b1..aca0ba2 100644 --- a/modules/home/containers/homeassistant.nix +++ b/modules/home/containers/homeassistant.nix @@ -27,5 +27,11 @@ in { TZ = "Europe/Amsterdam"; }; }; + + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "homeassistant"; + host = "home-assistant"; + url = "homeassistant:8123"; + }]; }; } diff --git a/modules/home/containers/immich.nix b/modules/home/containers/immich.nix index 77efae6..eb5eb24 100644 --- a/modules/home/containers/immich.nix +++ b/modules/home/containers/immich.nix @@ -71,5 +71,11 @@ in { }; exec = ''postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on''; }; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "immich"; + host = "photos"; + url = "immich-server:2283"; + }]; }; } diff --git a/modules/home/containers/kanidm.nix b/modules/home/containers/kanidm.nix index 7f59f21..ccdebb8 100644 --- a/modules/home/containers/kanidm.nix +++ b/modules/home/containers/kanidm.nix @@ -36,5 +36,11 @@ in { KANIDM_ORIGIN = "https://auth.tbmrs.nl"; }; }; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "kanidm"; + host = "auth"; + url = "https://auth.tbmrs.nl"; + }]; }; } diff --git a/modules/home/containers/linkding.nix b/modules/home/containers/linkding.nix index db0766a..859bca1 100644 --- a/modules/home/containers/linkding.nix +++ b/modules/home/containers/linkding.nix @@ -36,6 +36,12 @@ in { ]; }; + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "linkding"; + host = "links"; + url = "linkding:9090"; + }]; + settings.services.sops.enable = true; sops.templates = { diff --git a/modules/home/containers/paperless-ngx.nix b/modules/home/containers/paperless-ngx.nix index 6831ae2..c92115c 100644 --- a/modules/home/containers/paperless-ngx.nix +++ b/modules/home/containers/paperless-ngx.nix @@ -88,6 +88,12 @@ in { ]; }; + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "paperless-ngx"; + host = "paperless"; + url = "paperless-ngx:8000"; + }]; + sops.secrets = { "containers/paperless-ngx/db-password" = { }; "containers/paperless-ngx/secret" = { }; diff --git a/modules/home/containers/pingvin-share.nix b/modules/home/containers/pingvin-share.nix index 3a6c4f3..c30aea9 100644 --- a/modules/home/containers/pingvin-share.nix +++ b/modules/home/containers/pingvin-share.nix @@ -39,6 +39,12 @@ in { }; }; + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "pingvin-share"; + host = "share"; + url = "pingvin-share:3000"; + }]; + sops.templates = { "container-pingvin.yaml" = { content = /*yaml*/ '' diff --git a/modules/home/containers/stalwart.nix b/modules/home/containers/stalwart.nix index f8aa439..1f3a6e9 100644 --- a/modules/home/containers/stalwart.nix +++ b/modules/home/containers/stalwart.nix @@ -33,5 +33,11 @@ in { "%h/containers/stalwart/data:/opt/stalwart-mail" ]; }; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "stalwart"; + host = "mail"; + url = "stalwart:8080"; + }]; }; } diff --git a/modules/home/containers/storage.nix b/modules/home/containers/storage.nix index f779a83..99ef302 100644 --- a/modules/home/containers/storage.nix +++ b/modules/home/containers/storage.nix @@ -43,5 +43,17 @@ in { "22000:22000/udp" ]; }; + + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "syncthing"; + host = "syncthing"; + url = "syncthing:8384"; + }]; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "dufs"; + host = "files"; + url = "dufs:5000"; + }]; }; } diff --git a/modules/home/containers/uptime-kuma.nix b/modules/home/containers/uptime-kuma.nix index 7ff72c9..9197134 100644 --- a/modules/home/containers/uptime-kuma.nix +++ b/modules/home/containers/uptime-kuma.nix @@ -17,11 +17,17 @@ in { config = mkIf cfg.enable { services.podman.containers.uptime-kuma = { - image = "louislam/uptime-kuma:1"; + image = "louislam/uptime-kuma:beta"; network = "proxy"; volumes = [ "%h/containers/uptime-kuma/data:/app/data" ]; }; + + settings.containers.caddy.routes.tbmrs.routes = [{ + name = "uptime-kuma"; + host = "uptime"; + url = "uptime-kuma:3001"; + }]; }; } diff --git a/modules/home/containers/vaultwarden.nix b/modules/home/containers/vaultwarden.nix index a3d42cb..df07d6c 100644 --- a/modules/home/containers/vaultwarden.nix +++ b/modules/home/containers/vaultwarden.nix @@ -27,5 +27,12 @@ in { SIGNUPS_ALLOWED = true; }; }; + + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "vaultwarden"; + host = "vault"; + url = "vaultwarden:80"; + }]; + }; } diff --git a/modules/home/containers/vikunja.nix b/modules/home/containers/vikunja.nix index ac17cbc..0950c1d 100644 --- a/modules/home/containers/vikunja.nix +++ b/modules/home/containers/vikunja.nix @@ -25,5 +25,11 @@ in { "%h/containers/vikunja/db:/db" ]; }; + + settings.containers.caddy.routes.tbmrs-local.routes = [{ + name = "vikunja"; + host = "tasks"; + url = "vikunja:3456"; + }]; }; }