xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nix/modules/home/containers/caddy.nix

164 lines
3.5 KiB
Nix
Raw Blame History

{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.caddy;
generateRoutes = entries: lib.concatMapStrings (route: ''
@${route.name} host ${route.host}
handle @${route.name} {
reverse_proxy ${route.url}
}
'') entries;
routesOption = lib.mkOption {
type = types.listOf (types.submodule {
options = {
name = mkOption {
type = types.str;
};
url = mkOption {
type = types.str;
};
host = mkOption {
type = types.str;
};
};
});
};
in {
options = {
settings.containers.caddy.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable caddy container
'';
};
settings.containers.caddy.routes.tbmrs = routesOption;
settings.containers.caddy.routes.tbmrs-local = routesOption;
};
config = mkIf cfg.enable {
services.podman.containers.caddy = {
image = "localhost/tboomers/caddy-custom:latest";
network = "proxy";
networkAlias = [
"mail.tbmrs.nl"
];
ports = [
"1080:80"
"1443:443"
];
volumes = [
"%h/containers/caddy/Caddyfile:/etc/caddy/Caddyfile"
"%h/containers/caddy/acme_key:/etc/caddy/acme_key"
"%h/containers/caddy/data:/data"
];
};
settings.containers.caddy.routes.tbmrs = [
{
name = "kanidm";
host = "auth";
url = "https://auth.tbmrs.nl";
}
{
name = "forgejo";
host = "git";
url = "forgejo:3000";
}
{
name = "immich";
host = "photos";
url = "immich-server:2283";
}
{
name = "homepage";
host = "home";
url = "homepage:3000";
}
{
name = "uptime-kuma";
host = "uptime";
url = "uptime-kuma:3001";
}
{
name = "pingvin-share";
host = "share";
url = "pingvin-share:3000";
}
{
name = "dufs";
host = "files";
url = "dufs:5000";
}
{
name = "stalwart";
host = "mail";
url = "stalwart:8000";
}
];
home.file."containers/caddy/Caddyfile".text = ''
*.tbmrs.nl, tbmrs.nl {
tls {
dns transip xeovalyte /etc/caddy/acme_key
resolvers 1.1.1.1
}
${generateRoutes cfg.routes.tbmrs}
}
*.local.tbmrs.nl {
tls {
dns transip xeovalyte /etc/caddy/acme_key
resolvers 1.1.1.1
}
@vaultwarden host vault.local.tbmrs.nl
handle @vaultwarden {
reverse_proxy vaultwarden:80
}
@paperless-ngx host paperless.local.tbmrs.nl
handle @paperless-ngx {
reverse_proxy paperless-ngx:8000
}
@beszel host monitor.local.tbmrs.nl
handle @beszel {
reverse_proxy beszel:8090
}
@syncthing host syncthing.local.tbmrs.nl
handle @syncthing {
reverse_proxy syncthing:8384
}
@homeassistant host home-assistant.local.tbmrs.nl
handle @homeassistant {
reverse_proxy homeassistant:8123
}
@karakeep host karakeep.local.tbmrs.nl
handle @karakeep {
reverse_proxy karakeep:3000
}
@vikunja host vikunja.local.tbmrs.nl
handle @vikunja {
reverse_proxy vikunja:3456
}
@linkding host linkding.local.tbmrs.nl
handle @linkding {
reverse_proxy linkding:9090
}
}
'';
};
}
Reference in New Issue View Git Blame Copy Permalink