caddy: Configure virtual hosts inside each web-service's module instead of in the host configs

SebastianStork 2025-11-08 22:52:01 +01:00
parent dfeb11dfbd
commit c9f05a040e
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
23 changed files with 130 additions and 170 deletions


@ -86,34 +86,6 @@
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${config.custom.services.tailscale.domain}"; domain = "alloy-${config.networking.hostName}.${config.custom.services.tailscale.domain}";
}; };
caddy.virtualHosts =
let
inherit (config.custom) services;
in
{
personal-blog = {
inherit (services.personal-blog) domain port;
};
forgejo = {
inherit (services.forgejo) domain port;
};
outline = {
inherit (services.outline) domain port;
};
it-tools = {
inherit (services.it-tools) domain port;
};
stirling-pdf = {
inherit (services.stirling-pdf) domain port;
};
privatebin = {
inherit (services.privatebin) domain port;
};
alloy = {
inherit (services.alloy) domain port;
};
};
}; };
}; };
} }


@ -85,31 +85,6 @@
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${tailscaleDomain}"; domain = "alloy-${config.networking.hostName}.${tailscaleDomain}";
}; };
caddy.virtualHosts =
let
inherit (config.custom) services;
in
{
gatus = {
inherit (services.gatus) domain port;
};
ntfy = {
inherit (services.ntfy) domain port;
};
grafana = {
inherit (services.grafana) domain port;
};
victoriametrics = {
inherit (services.victoriametrics) domain port;
};
victorialogs = {
inherit (services.victorialogs) domain port;
};
alloy = {
inherit (services.alloy) domain port;
};
};
}; };
}; };
} }


@ -76,34 +76,6 @@
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${tailscaleDomain}"; domain = "alloy-${config.networking.hostName}.${tailscaleDomain}";
}; };
caddy.virtualHosts =
let
inherit (config.custom) services;
in
{
syncthing-gui = {
inherit (services.syncthing.gui) domain port;
};
filebrowser = {
inherit (services.filebrowser) domain port;
};
radicale = {
inherit (services.radicale) domain port;
};
memos = {
inherit (services.memos) domain port;
};
actualbudget = {
inherit (services.actualbudget) domain port;
};
freshrss = {
inherit (services.freshrss) domain port;
};
alloy = {
inherit (services.alloy) domain port;
};
};
}; };
}; };
} }


@ -133,10 +133,14 @@ in
}; };
custom = { custom = {
services.restic.backups.syncthing = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.gui.domain}.port = lib.mkIf (cfg.gui.domain != null) cfg.gui.port;
restic.backups.syncthing = lib.mkIf cfg.doBackups {
conflictingService = "syncthing.service"; conflictingService = "syncthing.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };
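Review bot: The guard on the new `caddy.virtualHosts.${cfg.gui.domain}.port` line sits on the value, while the nullable `cfg.gui.domain` is used as the attribute name. As far as I know Nix silently drops an attribute whose dynamic name evaluates to null, so this evaluates, but it is then that language rule and not the `lib.mkIf` that keeps the vhost from being registered. Guarding the whole entry states the intent directly: `caddy.virtualHosts = lib.mkIf (cfg.gui.domain != null) { ${cfg.gui.domain}.port = cfg.gui.port; };`. The enclosing `config` block starts and ends outside the hunk.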


@ -47,10 +47,14 @@ in
}; };
custom = { custom = {
services.restic.backups.actual = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.actual = lib.mkIf cfg.doBackups {
conflictingService = "actual.service"; conflictingService = "actual.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };
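Review bot: Registering `caddy.virtualHosts.${cfg.domain}.port = cfg.port;` unconditionally means that enabling this module now always publishes the service through the reverse proxy; the per-host `caddy.virtualHosts` lists removed elsewhere in this commit were where that decision used to be explicit. The same unguarded line is added in the other service modules of this commit (filebrowser, forgejo, freshrss, gatus, memos, outline, radicale, uptime-kuma, victorialogs, victoriametrics and the remaining ones); only the syncthing module checks for a null domain. If a host should be able to run a service without a vhost, make `domain` nullable and guard the entry the way syncthing does; otherwise a comment such as `# Enabling this service also exposes it via Caddy at cfg.domain` would record that exposure is now implied by `enable`. Who can reach these vhosts depends on the caddy module, which is not part of this diff.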


@ -168,5 +168,7 @@ in
''; '';
}; };
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -53,10 +53,14 @@ in
}; };
custom = { custom = {
services.restic.backups.filebrowser = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.filebrowser = lib.mkIf cfg.doBackups {
conflictingService = "filebrowser.service"; conflictingService = "filebrowser.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };


@ -119,10 +119,14 @@ in
''; '';
custom = { custom = {
services.restic.backups.forgejo = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.forgejo = lib.mkIf cfg.doBackups {
conflictingService = "forgejo.service"; conflictingService = "forgejo.service";
paths = [ config.services.forgejo.stateDir ]; paths = [ config.services.forgejo.stateDir ];
}; };
};
persist.directories = [ config.services.forgejo.stateDir ]; persist.directories = [ config.services.forgejo.stateDir ];
}; };


@ -44,10 +44,14 @@ in
}; };
custom = { custom = {
services.restic.backups.freshrss = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.freshrss = lib.mkIf cfg.doBackups {
conflictingService = "freshrss-updater.service"; conflictingService = "freshrss-updater.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };


@ -103,37 +103,6 @@ in
RemoveIPC = true; RemoveIPC = true;
}; };
custom.services.gatus.endpoints =
let
defaultEndpoints =
self.nixosConfigurations
|> lib.mapAttrs (_: value: value.config.meta.domains.list)
|> lib.concatMapAttrs (
hostName: domains:
domains
|> lib.filter (domain: domain != cfg.domain)
|> lib.map (
domain:
lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain;
group = hostName;
}
)
|> lib.listToAttrs
);
in
lib.mkIf cfg.generateDefaultEndpoints (
defaultEndpoints
// {
"healthchecks.io" = {
group = "external";
domain = "hc-ping.com";
path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
interval = "2h";
};
}
);
services.gatus = { services.gatus = {
enable = true; enable = true;
package = pkgs-unstable.gatus; # Unstable for the new UI package = pkgs-unstable.gatus; # Unstable for the new UI
@ -206,6 +175,43 @@ in
systemd.services.gatus.environment.GATUS_DELAY_START_SECONDS = "5"; systemd.services.gatus.environment.GATUS_DELAY_START_SECONDS = "5";
custom.persist.directories = [ dataDir ]; custom = {
services = {
gatus.endpoints =
let
defaultEndpoints =
self.nixosConfigurations
|> lib.mapAttrs (_: value: value.config.meta.domains.list)
|> lib.concatMapAttrs (
hostName: domains:
domains
|> lib.filter (domain: domain != cfg.domain)
|> lib.map (
domain:
lib.nameValuePair (lib'.subdomainOf domain) {
inherit domain;
group = hostName;
}
)
|> lib.listToAttrs
);
in
lib.mkIf cfg.generateDefaultEndpoints (
defaultEndpoints
// {
"healthchecks.io" = {
group = "external";
domain = "hc-ping.com";
path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";
interval = "2h";
};
}
);
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
};
persist.directories = [ dataDir ];
};
}; };
} }


@ -170,5 +170,7 @@ in
); );
}; };
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -14,23 +14,11 @@ in
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
port = lib.mkOption {
type = lib.types.port;
default = 8787;
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
meta = { meta.domains.list = [ cfg.domain ];
domains.list = [ cfg.domain ];
ports.tcp.list = [ cfg.port ];
};
services.static-web-server = { custom.services.caddy.virtualHosts.${cfg.domain}.files = "${pkgs.it-tools}/lib";
enable = true;
listen = "[::]:${toString cfg.port}";
root = "${pkgs.it-tools}/lib";
configuration.general.health = true;
};
}; };
} }
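Review bot: The new `custom.services.caddy.virtualHosts.${cfg.domain}.files` line has no comment explaining that the site no longer has a listener of its own. The `static-web-server` block that bound `[::]:${toString cfg.port}` goes away together with the `port` option and the `meta.ports.tcp.list` entry, so the store path is presumably served by Caddy directly; a short comment such as `# Served by Caddy straight from the store path; no separate listener.` would make that clear. The `files` option is defined outside this diff, so it is worth confirming there that it does not turn on directory browsing. The personal-blog module gets the same treatment with `files = dataDir`.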


@ -55,10 +55,14 @@ in
}; };
custom = { custom = {
services.restic.backups.memos = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.memos = lib.mkIf cfg.doBackups {
conflictingService = "memos.service"; conflictingService = "memos.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };


@ -30,5 +30,7 @@ in
web-root = "disable"; web-root = "disable";
}; };
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -26,5 +26,7 @@ in
ports = [ "127.0.0.1:${toString cfg.port}:3000" ]; ports = [ "127.0.0.1:${toString cfg.port}:3000" ];
pull = "newer"; pull = "newer";
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -73,7 +73,10 @@ in
inherit (config.services.outline) user; inherit (config.services.outline) user;
in in
{ {
services.restic.backups.outline = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.outline = lib.mkIf cfg.doBackups {
conflictingService = "outline.service"; conflictingService = "outline.service";
paths = [ dataDir ]; paths = [ dataDir ];
extraConfig.backupPrepareCommand = '' extraConfig.backupPrepareCommand = ''
@ -81,6 +84,7 @@ in
''; '';
restoreCommand.postRestore = "sudo --user=${user} pg_restore --clean --if-exists --dbname outline ${dataDir}/db.dump"; restoreCommand.postRestore = "sudo --user=${user} pg_restore --clean --if-exists --dbname outline ${dataDir}/db.dump";
}; };
};
persist.directories = [ persist.directories = [
dataDir dataDir


@ -16,17 +16,10 @@ in
type = lib.types.nonEmptyStr; type = lib.types.nonEmptyStr;
default = ""; default = "";
}; };
port = lib.mkOption {
type = lib.types.port;
default = 3890;
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
meta = { meta.domains.list = [ cfg.domain ];
domains.list = [ cfg.domain ];
ports.tcp.list = [ cfg.port ];
};
systemd.services.generate-blog = { systemd.services.generate-blog = {
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
@ -36,9 +29,6 @@ in
script = "nix build github:SebastianStork/blog --out-link ${dataDir} --refresh"; script = "nix build github:SebastianStork/blog --out-link ${dataDir} --refresh";
}; };
services.caddy.virtualHosts.":${toString cfg.port}".extraConfig = '' custom.services.caddy.virtualHosts.${cfg.domain}.files = dataDir;
root * ${dataDir}
file_server
'';
}; };
} }


@ -52,5 +52,7 @@ in
inherit (cfg) port; inherit (cfg) port;
}; };
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -107,10 +107,15 @@ in
); );
custom = { custom = {
services.restic.backups.radicale = lib.mkIf cfg.doBackups { services = {
caddy.virtualHosts.${cfg.domain}.port = cfg.port;
restic.backups.radicale = lib.mkIf cfg.doBackups {
conflictingService = "radicale.service"; conflictingService = "radicale.service";
paths = [ dataDir ]; paths = [ dataDir ];
}; };
};
persist.directories = [ dataDir ]; persist.directories = [ dataDir ];
}; };
}; };


@ -44,5 +44,7 @@ in
UI_HOMEDESCRIPTION = cfg.branding.description; UI_HOMEDESCRIPTION = cfg.branding.description;
}; };
}; };
custom.services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
}; };
} }


@ -26,6 +26,10 @@ in
settings.PORT = toString cfg.port; settings.PORT = toString cfg.port;
}; };
custom.persist.directories = [ config.services.uptime-kuma.settings.DATA_DIR ]; custom = {
services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
persist.directories = [ config.services.uptime-kuma.settings.DATA_DIR ];
};
}; };
} }


@ -57,6 +57,10 @@ in
listenAddress = "localhost:${toString cfg.port}"; listenAddress = "localhost:${toString cfg.port}";
}; };
custom.persist.directories = [ "/var/lib/${config.services.victorialogs.stateDir}" ]; custom = {
services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
persist.directories = [ "/var/lib/${config.services.victorialogs.stateDir}" ];
};
}; };
} }


@ -62,6 +62,10 @@ in
]; ];
}; };
custom.persist.directories = [ "/var/lib/${config.services.victoriametrics.stateDir}" ]; custom = {
services.caddy.virtualHosts.${cfg.domain}.port = cfg.port;
persist.directories = [ "/var/lib/${config.services.victoriametrics.stateDir}" ];
};
}; };
} }