xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changed how caddy works

Browse Source
This commit is contained in:
Timo Boomers 2025-05-22 13:25:57 +02:00
parent af966ab2f3
commit 9fd98e97fe
14 changed files with 105 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/home/containers/beszel.nix
View File

@ -49,6 +49,12 @@ in {
}; };
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "beszel";
host = "monitor";
url = "beszel:8090";
}];
sops.secrets = { sops.secrets = {
"containers/beszel/key" = { }; "containers/beszel/key" = { };
}; };

106
modules/home/containers/caddy.nix
View File

@ -5,8 +5,8 @@ with lib;
let let
cfg = config.settings.containers.caddy; cfg = config.settings.containers.caddy;
generateRoutes = entries: lib.concatMapStrings (route: '' generateRoutes = domain: entries: lib.concatMapStrings (route: ''
@${route.name} host ${route.host} @${route.name} host ${route.host}.${domain}
handle @${route.name} { handle @${route.name} {
reverse_proxy ${route.url} reverse_proxy ${route.url}
} }
@ -29,7 +29,7 @@ let
}; };
in { in {
options = { options = {
settings.containers.caddy.enable = lib.mkOption { settings.containers.caddy.enable = mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = '' description = ''
@ -37,8 +37,16 @@ in {
''; '';
}; };
settings.containers.caddy.routes.tbmrs = routesOption; settings.containers.caddy.routes = mkOption {
settings.containers.caddy.routes.tbmrs-local = routesOption; type = lib.types.attrsOf (types.submodule {
options = {
routes = routesOption;
domain = mkOption {
type = types.str;
};
};
});
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -59,48 +67,10 @@ in {
]; ];
}; };
settings.containers.caddy.routes.tbmrs = [ settings.containers.caddy.routes = {
{ tbmrs.domain = "tbmrs.nl";
name = "kanidm"; tbmrs-local.domain = "local.tbmrs.nl";
host = "auth"; };
url = "https://auth.tbmrs.nl";
}
{
name = "forgejo";
host = "git";
url = "forgejo:3000";
}
{
name = "immich";
host = "photos";
url = "immich-server:2283";
}
{
name = "homepage";
host = "home";
url = "homepage:3000";
}
{
name = "uptime-kuma";
host = "uptime";
url = "uptime-kuma:3001";
}
{
name = "pingvin-share";
host = "share";
url = "pingvin-share:3000";
}
{
name = "dufs";
host = "files";
url = "dufs:5000";
}
{
name = "stalwart";
host = "mail";
url = "stalwart:8000";
}
];
home.file."containers/caddy/Caddyfile".text = '' home.file."containers/caddy/Caddyfile".text = ''
*.tbmrs.nl, tbmrs.nl { *.tbmrs.nl, tbmrs.nl {
@ -109,7 +79,7 @@ in {
resolvers 1.1.1.1 resolvers 1.1.1.1
} }
${generateRoutes cfg.routes.tbmrs} ${generateRoutes cfg.routes.tbmrs.domain cfg.routes.tbmrs.routes}
} }
*.local.tbmrs.nl { *.local.tbmrs.nl {
@ -118,45 +88,7 @@ in {
resolvers 1.1.1.1 resolvers 1.1.1.1
} }
@vaultwarden host vault.local.tbmrs.nl ${generateRoutes cfg.routes.tbmrs-local.domain cfg.routes.tbmrs-local.routes}
handle @vaultwarden {
reverse_proxy vaultwarden:80
}
@paperless-ngx host paperless.local.tbmrs.nl
handle @paperless-ngx {
reverse_proxy paperless-ngx:8000
}
@beszel host monitor.local.tbmrs.nl
handle @beszel {
reverse_proxy beszel:8090
}
@syncthing host syncthing.local.tbmrs.nl
handle @syncthing {
reverse_proxy syncthing:8384
}
@homeassistant host home-assistant.local.tbmrs.nl
handle @homeassistant {
reverse_proxy homeassistant:8123
}
@karakeep host karakeep.local.tbmrs.nl
handle @karakeep {
reverse_proxy karakeep:3000
}
@vikunja host vikunja.local.tbmrs.nl
handle @vikunja {
reverse_proxy vikunja:3456
}
@linkding host linkding.local.tbmrs.nl
handle @linkding {
reverse_proxy linkding:9090
}
} }
''; '';
}; };

6
modules/home/containers/forgejo.nix
View File

@ -28,5 +28,11 @@ in {
FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM = false; FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM = false;
}; };
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "forgejo";
host = "git";
url = "forgejo:3000";
}];
}; };
} }

6
modules/home/containers/homeassistant.nix
View File

@ -27,5 +27,11 @@ in {
TZ = "Europe/Amsterdam"; TZ = "Europe/Amsterdam";
}; };
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "homeassistant";
host = "home-assistant";
url = "homeassistant:8123";
}];
}; };
} }

6
modules/home/containers/immich.nix
View File

@ -71,5 +71,11 @@ in {
}; };
exec = ''postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on''; exec = ''postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on'';
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "immich";
host = "photos";
url = "immich-server:2283";
}];
}; };
} }

6
modules/home/containers/kanidm.nix
View File

@ -36,5 +36,11 @@ in {
KANIDM_ORIGIN = "https://auth.tbmrs.nl"; KANIDM_ORIGIN = "https://auth.tbmrs.nl";
}; };
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "kanidm";
host = "auth";
url = "https://auth.tbmrs.nl";
}];
}; };
} }

6
modules/home/containers/linkding.nix
View File

@ -36,6 +36,12 @@ in {
]; ];
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "linkding";
host = "links";
url = "linkding:9090";
}];
settings.services.sops.enable = true; settings.services.sops.enable = true;
sops.templates = { sops.templates = {

6
modules/home/containers/paperless-ngx.nix
View File

@ -88,6 +88,12 @@ in {
]; ];
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "paperless-ngx";
host = "paperless";
url = "paperless-ngx:8000";
}];
sops.secrets = { sops.secrets = {
"containers/paperless-ngx/db-password" = { }; "containers/paperless-ngx/db-password" = { };
"containers/paperless-ngx/secret" = { }; "containers/paperless-ngx/secret" = { };

6
modules/home/containers/pingvin-share.nix
View File

@ -39,6 +39,12 @@ in {
}; };
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "pingvin-share";
host = "share";
url = "pingvin-share:3000";
}];
sops.templates = { sops.templates = {
"container-pingvin.yaml" = { "container-pingvin.yaml" = {
content = /*yaml*/ '' content = /*yaml*/ ''

6
modules/home/containers/stalwart.nix
View File

@ -33,5 +33,11 @@ in {
"%h/containers/stalwart/data:/opt/stalwart-mail" "%h/containers/stalwart/data:/opt/stalwart-mail"
]; ];
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "stalwart";
host = "mail";
url = "stalwart:8080";
}];
}; };
} }

12
modules/home/containers/storage.nix
View File

@ -43,5 +43,17 @@ in {
"22000:22000/udp" "22000:22000/udp"
]; ];
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "syncthing";
host = "syncthing";
url = "syncthing:8384";
}];
settings.containers.caddy.routes.tbmrs.routes = [{
name = "dufs";
host = "files";
url = "dufs:5000";
}];
}; };
} }

8
modules/home/containers/uptime-kuma.nix
View File

@ -17,11 +17,17 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.podman.containers.uptime-kuma = { services.podman.containers.uptime-kuma = {
image = "louislam/uptime-kuma:1"; image = "louislam/uptime-kuma:beta";
network = "proxy"; network = "proxy";
volumes = [ volumes = [
"%h/containers/uptime-kuma/data:/app/data" "%h/containers/uptime-kuma/data:/app/data"
]; ];
}; };
settings.containers.caddy.routes.tbmrs.routes = [{
name = "uptime-kuma";
host = "uptime";
url = "uptime-kuma:3001";
}];
}; };
} }

7
modules/home/containers/vaultwarden.nix
View File

@ -27,5 +27,12 @@ in {
SIGNUPS_ALLOWED = true; SIGNUPS_ALLOWED = true;
}; };
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "vaultwarden";
host = "vault";
url = "vaultwarden:80";
}];
}; };
} }

6
modules/home/containers/vikunja.nix
View File

@ -25,5 +25,11 @@ in {
"%h/containers/vikunja/db:/db" "%h/containers/vikunja/db:/db"
]; ];
}; };
settings.containers.caddy.routes.tbmrs-local.routes = [{
name = "vikunja";
host = "tasks";
url = "vikunja:3456";
}];
}; };
} }