138 lines
3.1 KiB
Nix
138 lines
3.1 KiB
Nix
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.settings.containers.caddy;
|
|
in {
|
|
options = {
|
|
settings.containers.caddy.enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
description = ''
|
|
Enable caddy container
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.podman.containers.caddy = {
|
|
image = "localhost/tboomers/caddy-custom:latest";
|
|
network = "proxy";
|
|
networkAlias = [
|
|
"mail.tbmrs.nl"
|
|
];
|
|
ports = [
|
|
"1080:80"
|
|
"1443:443"
|
|
];
|
|
volumes = [
|
|
"%h/containers/caddy/Caddyfile:/etc/caddy/Caddyfile"
|
|
"%h/containers/caddy/acme_key:/etc/caddy/acme_key"
|
|
"%h/containers/caddy/data:/data"
|
|
];
|
|
};
|
|
|
|
home.file."containers/caddy/Caddyfile".text = ''
|
|
*.tbmrs.nl, tbmrs.nl {
|
|
tls {
|
|
dns transip xeovalyte /etc/caddy/acme_key
|
|
resolvers 1.1.1.1
|
|
}
|
|
|
|
@root host tbmrs.nl
|
|
handle @root {
|
|
respond "Hello there"
|
|
}
|
|
|
|
@kanidm host auth.tbmrs.nl
|
|
handle @kanidm {
|
|
reverse_proxy https://auth.tbmrs.nl
|
|
}
|
|
|
|
@forgejo host git.tbmrs.nl
|
|
handle @forgejo {
|
|
reverse_proxy forgejo:3000
|
|
}
|
|
|
|
@immich host photos.tbmrs.nl
|
|
handle @immich {
|
|
reverse_proxy immich-server:2283
|
|
}
|
|
|
|
@homepage host home.tbmrs.nl
|
|
handle @homepage {
|
|
reverse_proxy homepage:3000
|
|
}
|
|
|
|
@uptime-kuma host uptime.tbmrs.nl
|
|
handle @uptime-kuma {
|
|
reverse_proxy uptime-kuma:3001
|
|
}
|
|
|
|
@pingvin-share host share.tbmrs.nl
|
|
handle @pingvin-share {
|
|
reverse_proxy pingvin-share:3000
|
|
}
|
|
|
|
@dufs host files.tbmrs.nl
|
|
handle @dufs {
|
|
reverse_proxy dufs:5000
|
|
}
|
|
|
|
@stalwart host mail.tbmrs.nl
|
|
handle @stalwart {
|
|
reverse_proxy stalwart:8080
|
|
}
|
|
}
|
|
|
|
*.local.tbmrs.nl {
|
|
tls {
|
|
dns transip xeovalyte /etc/caddy/acme_key
|
|
resolvers 1.1.1.1
|
|
}
|
|
|
|
@vaultwarden host vault.local.tbmrs.nl
|
|
handle @vaultwarden {
|
|
reverse_proxy vaultwarden:80
|
|
}
|
|
|
|
@paperless-ngx host paperless.local.tbmrs.nl
|
|
handle @paperless-ngx {
|
|
reverse_proxy paperless-ngx:8000
|
|
}
|
|
|
|
@beszel host monitor.local.tbmrs.nl
|
|
handle @beszel {
|
|
reverse_proxy beszel:8090
|
|
}
|
|
|
|
@syncthing host syncthing.local.tbmrs.nl
|
|
handle @syncthing {
|
|
reverse_proxy syncthing:8384
|
|
}
|
|
|
|
@homeassistant host home-assistant.local.tbmrs.nl
|
|
handle @homeassistant {
|
|
reverse_proxy homeassistant:8123
|
|
}
|
|
|
|
@karakeep host karakeep.local.tbmrs.nl
|
|
handle @karakeep {
|
|
reverse_proxy karakeep:3000
|
|
}
|
|
|
|
@vikunja host vikunja.local.tbmrs.nl
|
|
handle @vikunja {
|
|
reverse_proxy vikunja:3456
|
|
}
|
|
|
|
@linkding host linkding.local.tbmrs.nl
|
|
handle @linkding {
|
|
reverse_proxy linkding:9090
|
|
}
|
|
}
|
|
'';
|
|
};
|
|
}
|