Compare commits

..

10 commits

29 changed files with 170 additions and 67 deletions

View file

@ -53,10 +53,12 @@ in
Locked = true;
};
Homepage = {
StartPage = "previous-session";
URL = "https://homepage.labs.adtya.xyz";
StartPage = "homepage-locked";
Locked = true;
};
NetworkPrediction = false;
NewTabPage = false;
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
OverrideFirstRunPage = "";

View file

@ -201,6 +201,7 @@ in
"SUPER,l, layoutmsg,rollnext"
"SUPER,h, layoutmsg,rollprev"
"SUPER_SHIFT,z, layoutmsg,orientationcycle left right"
"SUPER,m, layoutmsg,focusmaster"
"SUPER_SHIFT,m, layoutmsg,swapwithmaster"

View file

@ -0,0 +1,34 @@
{ pkgs, lib, ... }:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
user = "mediaserver";
group = "mediaserver";
dataDir = "/mnt/data/bazarr";
port = 6767;
in
{
services.caddy.virtualHosts."bazarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 127.0.0.1:${toString port}
'';
};
systemd.tmpfiles.settings."10-bazarr".${dataDir}.d = {
inherit user group;
mode = "0700";
};
systemd.services.bazarr = {
description = "Bazarr";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig.RequiresMountsFor = [ "/mnt/data" ];
serviceConfig = {
Type = "simple";
User = user;
Group = group;
ExecStart = "${lib.getExe pkgs.bazarr} --port ${toString port} --config '${dataDir}'";
Restart = "on-failure";
};
};
}

View file

@ -5,7 +5,9 @@ _: {
./radarr.nix
./sonarr.nix
./readarr.nix
./jackett.nix
./prowlarr.nix
./bazarr.nix
./lidarr.nix
../../../shared/prometheus-exporters.nix
../../../shared/promtail.nix
];

View file

@ -1,23 +0,0 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
in
{
services = {
caddy.virtualHosts."jackett.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9117
'';
};
jackett = {
enable = true;
user = "mediaserver";
group = "mediaserver";
dataDir = "/mnt/data/jackett";
port = 9117;
};
};
systemd.services.radarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
}

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
@ -9,14 +9,12 @@ in
"jellyfin.local.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096
'';
};
"jellyfin.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8096
'';
};

View file

@ -0,0 +1,22 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
caddy.virtualHosts."lidarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 127.0.0.1:8686
'';
};
lidarr = {
enable = true;
dataDir = "/mnt/data/lidarr";
user = "mediaserver";
group = "mediaserver";
};
};
systemd.services.lidarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
}

View file

@ -0,0 +1,33 @@
{ pkgs, lib, ... }:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
user = "mediaserver";
group = "mediaserver";
dataDir = "/mnt/data/prowlarr";
in
{
services.caddy.virtualHosts."prowlarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 127.0.0.1:9696
'';
};
systemd.tmpfiles.settings."10-prowlarr".${dataDir}.d = {
inherit user group;
mode = "0700";
};
systemd.services.prowlarr = {
description = "Prowlarr";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig.RequiresMountsFor = [ "/mnt/data" ];
serviceConfig = {
Type = "simple";
User = user;
Group = group;
ExecStart = "${lib.getExe pkgs.prowlarr} -nobrowser -data='${dataDir}'";
Restart = "on-failure";
};
};
}

View file

@ -1,13 +1,12 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
caddy.virtualHosts."radarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:7878
'';
};

View file

@ -1,13 +1,12 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
caddy.virtualHosts."readarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8787
'';
};
@ -18,5 +17,5 @@ in
group = "mediaserver";
};
};
systemd.services.radarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
systemd.services.readarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
}

View file

@ -1,13 +1,12 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
caddy.virtualHosts."sonarr.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8989
'';
};
@ -18,5 +17,5 @@ in
group = "mediaserver";
};
};
systemd.services.radarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
systemd.services.sanarr.unitConfig.RequiresMountsFor = [ "/mnt/data" ];
}

View file

@ -1,6 +1,6 @@
{ pkgs, ... }:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
services = {
@ -8,7 +8,6 @@ in
virtualHosts."transmission.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "blocky.rico1.labs.adtya.xyz";
in
{
@ -12,7 +12,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8080
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
imports = [
@ -16,28 +16,24 @@ in
"gateway.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.0.1:80
'';
};
"ap1.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.1:80
'';
};
"ap2.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.2:80
'';
};
"switch.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 192.168.1.3:80
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../../shared/caddy-helpers.nix) logFormat;
domainName = "loki.labs.adtya.xyz";
in
{
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:3100
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "prometheus.labs.adtya.xyz";
in
{
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9090
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "alertmanager.labs.adtya.xyz";
in
{
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9093
'';
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "blocky.rico2.labs.adtya.xyz";
in
{
@ -12,7 +12,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:8080
'';
};

View file

@ -4,6 +4,7 @@ _: {
./blocky.nix
./forgejo-actions-runner.nix
./grafana.nix
./homepage
../../../shared/prometheus-exporters.nix
../../../shared/promtail.nix
];

View file

@ -20,6 +20,14 @@
];
tokenFile = config.sops.secrets."forgejo/runner_registration_token_file".path;
url = "https://forge.acomputer.lol";
settings = {
log.level = "info";
cache = {
enabled = true;
host = "192.168.1.12";
external_server = "https://act-cache.labs.adtya.xyz/";
};
};
};
};
};

View file

@ -1,6 +1,6 @@
_:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "grafana.labs.adtya.xyz";
in
{
@ -9,7 +9,6 @@ in
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
reverse_proxy 127.0.0.1:9091
'';
};

View file

@ -0,0 +1,27 @@
{config, ...}:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "homepage.labs.adtya.xyz";
cfg = config.services.glance;
in
{
services = {
caddy = {
virtualHosts."${domainName}" = {
inherit logFormat;
extraConfig = ''
reverse_proxy ${cfg.settings.server.host}:${cfg.settings.server.port}
'';
};
};
glance = {
enable = true;
settings = {
server = {
host = "127.0.0.1";
port = "5678";
};
};
};
};
}

View file

@ -66,13 +66,17 @@
# Services
"alertmanager.labs.adtya.xyz" = "10.10.10.12";
"act-cache.labs.adtya.xyz" = "10.10.10.13";
"bazarr.labs.adtya.xyz" = "10.10.10.14";
"blocky.rico1.labs.adtya.xyz" = "10.10.10.11";
"blocky.rico2.labs.adtya.xyz" = "10.10.10.12";
"grafana.labs.adtya.xyz" = "10.10.10.12";
"jackett.labs.adtya.xyz" = "10.10.10.14";
"homepage.labs.adtya.xyz" = "10.10.10.12";
"jellyfin.labs.adtya.xyz" = "10.10.10.14";
"lidarr.labs.adtya.xyz" = "10.10.10.14";
"loki.labs.adtya.xyz" = "10.10.10.11";
"prometheus.labs.adtya.xyz" = "10.10.10.11";
"prowlarr.labs.adtya.xyz" = "10.10.10.14";
"radarr.labs.adtya.xyz" = "10.10.10.14";
"readarr.labs.adtya.xyz" = "10.10.10.14";
"sonarr.labs.adtya.xyz" = "10.10.10.14";

View file

@ -4,10 +4,4 @@
format json
level ERROR
'';
tlsAcmeDnsChallenge = ''
tls {
dns hetzner {env.HETZNER_ACCESS_TOKEN}
}
'';
}

View file

@ -17,6 +17,7 @@ in
package = inputs.caddy.packages.${pkgs.system}.caddy;
email = "admin@acomputer.lol";
globalConfig = ''
acme_dns hetzner {env.HETZNER_ACCESS_TOKEN}
servers {
trusted_proxies static private_ranges 10.10.10.0/24
client_ip_headers X-Forwarded-For X-Real-IP

View file

@ -1,6 +1,6 @@
{ lib, config, ... }:
let
inherit (import ./caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ./caddy-helpers.nix) logFormat;
in
{
services = {
@ -12,7 +12,6 @@ in
virtualHosts."${vHost}" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
metrics /caddy-metrics
handle /metrics {
reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port}

View file

@ -1,4 +1,4 @@
{ config, ... }: {
_: {
services = {
promtail = {
enable = true;

View file

@ -2,6 +2,7 @@
let
cfg = config.services.forgejo;
domainName = "forge.acomputer.lol";
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
in
{
sops.secrets = {
@ -12,6 +13,12 @@ in
};
};
services = {
caddy.virtualHosts."act-cache.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
reverse_proxy 127.0.0.1:7777
'';
};
gitea-actions-runner = {
package = pkgs.forgejo-runner;
instances = {
@ -26,6 +33,14 @@ in
];
tokenFile = config.sops.secrets."forgejo/runner_registration_token_file".path;
url = "https://${domainName}";
settings = {
log.level = "info";
cache = {
enabled = true;
port = 7777;
external_server = "https://act-cache.labs.adtya.xyz/";
};
};
};
};
};

View file

@ -1,6 +1,6 @@
{ lib, config, ... }:
let
inherit (import ../../../shared/caddy-helpers.nix) logFormat tlsAcmeDnsChallenge;
inherit (import ../../../shared/caddy-helpers.nix) logFormat;
domainName = "ntfy.acomputer.lol";
in
{
@ -9,7 +9,6 @@ in
"${config.networking.hostName}.labs.adtya.xyz" = {
inherit logFormat;
extraConfig = ''
${tlsAcmeDnsChallenge}
handle /ntfy-metrics {
uri replace /ntfy-metrics /metrics
reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http}