Loadsamoney

2025-05-09 00:22:34 +01:00
parent a3afa8eb2c
commit 1f137c2f0c
11 changed files with 206 additions and 91 deletions
--- a/modules/caddy/Caddyfile
+++ b/modules/caddy/Caddyfile
@@ -2,16 +2,12 @@
 	log {
 		level ERROR
 	}
-	admin off
+	# admin off
 	servers {
 		metrics
 	}
 }

-http://localhost:2019 {
-	metrics /metrics
-}
-
 matrix.broccoli.town {
 	reverse_proxy /_matrix/* http://localhost:8008
 	reverse_proxy /_synapse/client/* http://localhost:8008
@@ -25,26 +21,56 @@ broccoli.town:8448 {
 	reverse_proxy http://localhost:8008
 }

-broccoli.town {
-	header /.well-known/* "Access-Control-Allow-Origin" "*"
+radarr.broccoli.town {
+	bind 100.91.249.54

-	respond /.well-known/matrix/client `{ "m.homeserver": { "base_url": "https://broccoli.town" } }`
+	tls {
+		dns porkbun {
+			api_key {env.PORKBUN_API_KEY}
+			api_secret_key {env.PORKBUN_SECRET_KEY}
+		}
+	}

-	reverse_proxy /_matrix/* http://localhost:8008
-	reverse_proxy /_synapse/client/* http://localhost:8008
-
-	redir / https://chat.broccoli.town
+	reverse_proxy http://localhost:7878
 }

-chat.broccoli.town {
-	header {
-		X-Frame-Options "SAMEORIGIN"
-		X-XSS-Protection "1; mode=block"
-		X-Content-Type-Options "nosniff"
-		X-Robots-Tag "noindex, noarchive, nofollow"
+sab.broccoli.town {
+	bind 100.91.249.54
+
+	tls {
+		dns porkbun {
+			api_key {env.PORKBUN_API_KEY}
+			api_secret_key {env.PORKBUN_SECRET_KEY}
+		}
 	}
-	root * @element@
-	file_server
+
+	reverse_proxy http://localhost:8085
+}
+
+sonarr.broccoli.town {
+	bind 100.91.249.54
+
+	tls {
+		dns porkbun {
+			api_key {env.PORKBUN_API_KEY}
+			api_secret_key {env.PORKBUN_SECRET_KEY}
+		}
+	}
+
+	reverse_proxy localhost:8989
+}
+
+transmission.broccoli.town {
+	bind 100.91.249.54
+
+	tls {
+		dns porkbun {
+			api_key {env.PORKBUN_API_KEY}
+			api_secret_key {env.PORKBUN_SECRET_KEY}
+		}
+	}
+
+	reverse_proxy localhost:9091
 }

 danielpatterson.dev {
@@ -69,19 +95,14 @@ git.broccoli.town {
 }

 http://bigding:8384 {
+	bind 100.91.249.54
+
 	reverse_proxy localhost:8387
 }

-bigding.squirrel-clownfish.ts.net {
-	tls {
-		get_certificate tailscale
-	}
-	reverse_proxy localhost:9091
-}
-
 http://bigding {
-	reverse_proxy /transmission localhost:9091
-	reverse_proxy /transmission/* localhost:9091
+	bind 100.91.249.54
+
 	handle_path /prometheus/* {
 		reverse_proxy localhost:9090
 	}
--- a/modules/caddy/default.nix
+++ b/modules/caddy/default.nix
@@ -1,36 +1,20 @@
 {
  pkgs,
  lib,
+  config,
  ...
 }: {
  networking.firewall.allowedTCPPorts = [80 8448 443];

-  services.tailscale.permitCertUid = "caddy";
-
-  services.caddy = let
-    catppuccin = builtins.fromJSON (builtins.readFile (pkgs.fetchurl {
-      url = "https://raw.githubusercontent.com/catppuccin/element/main/config.json";
-      hash = "sha256-jaH6E2YO2np3Ewv6JQWbGRiRqsL75rIEJuKfXv95W6Y=";
-    }));
-
-    element = pkgs.element-web.override {
-      conf =
-        {
-          default_server_config."m.homeserver" = {
-            "base_url" = "https://broccoli.town";
-            "server_name" = "broccoli.town";
-          };
-        }
-        // catppuccin;
+  services.caddy = {
+    package = pkgs.caddy.withPlugins {
+      plugins = ["github.com/caddy-dns/porkbun@v0.2.1"];
+      hash = "sha256-X8QbRc2ahW1B5niV8i3sbfpe1OPYoaQ4LwbfeaWvfjg=";
    };
-
-    config = pkgs.substituteAll {
-      inherit element;
-      src = ./Caddyfile;
-    };
-  in {
    enable = true;
-    configFile = config;
+    enableReload = false;
    adapter = "caddyfile";
+    environmentFile = config.age.secrets.caddy_porkbun_api_env.path;
+    configFile = ./Caddyfile;
  };
 }