v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions

updated hades nginx config

Browse source
This commit is contained in:
Vivian 2023-12-23 12:46:35 +01:00
parent 403dab967f
commit ce95a03797
9 changed files with 180 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

41
nixos/hosts/hades/default.nix
View file

@ -35,10 +35,18 @@
"overseerr" = {
ip = "192.168.0.105";
mac = "8E:21:7F:88:3A:83";
exposes.requests = {
domain = "requests.xirion.net";
port = 5055;
};
};
"tautulli" = {
ip = "192.168.0.106";
mac = "BE:30:DB:F8:C6:55";
exposes.tautulli = {
domain = "tautulli.xirion.net";
port = 8080;
};
};
"dns-1" = {
ip = "192.168.0.107";
@ -84,11 +92,6 @@
ip = "192.168.0.116";
mac = "06:8a:8e:3e:43:45";
};
"thelounge" = {
ip = "192.168.0.117";
mac = "00:0c:29:2a:69:8f";
nix = false;
};
"mail" = {
ip = "192.168.0.118";
mac = "00:50:56:91:3b:03";
@ -106,6 +109,16 @@
"garage" = {
ip = "192.168.0.121";
mac = "3A:19:32:A2:F8:96";
exposes = {
garage = {
domain = "g.xirion.net";
port = 3900;
};
fedi-media = {
domain = "fedi-media.xirion.net";
port = 3902;
};
};
};
"nginx" = {
ip = "192.168.0.122";
@ -138,10 +151,18 @@
"attic" = {
ip = "192.168.0.128";
mac = "9E:AF:E9:FE:D4:D9";
exposes.attic = {
domain = "attic.xirion.net";
port = 8080;
};
};
"hassio" = {
ip = "192.168.0.129";
mac = "e6:80:32:fb:00:75";
exposes.ha = {
domain = "ha.xirion.net";
port = 8123;
};
nix = false;
};
# "docker-registry" = {
@ -156,6 +177,16 @@
"tudelft" = {
ip = "192.168.0.132";
mac = "AE:B3:93:4B:04:76";
exposes = {
grist = {
domain = "grist.tud.0x76.dev";
port = 8484;
};
dex = {
domain = "dex.tud.0x76.dev";
port = 8000;
};
};
nix = false;
};
"mastodon" = {

4
nixos/hosts/hades/dns/configuration.nix
View file

@ -32,6 +32,8 @@
"mail.xirion.net typetransparent"
"plex.xirion.net typetransparent"
"fedi.xirion.net typetransparent"
"grist.tud.0x76.dev typetransparent"
"dex.tud.0x76.dev typetransparent"
];
local-data = [
@ -47,6 +49,8 @@
''"mail.xirion.net A 192.168.0.122"''
''"plex.xirion.net A 192.168.0.122"''
''"fedi.xirion.net A 192.168.0.122"''
''"grist.tud.0x76.dev A 192.168.0.122"''
''"dex.tud.0x76.dev A 192.168.0.122"''
];
};
}

31
nixos/hosts/hades/nginx/configuration.nix
View file

@ -31,6 +31,8 @@ in
preliminarySelfsigned = true;
};
services.v.nginx.autoExpose = true;
services.nginx = {
enable = true;
recommendedProxySettings = true;
@ -41,7 +43,6 @@ in
package = pkgs.nginxMainline;
virtualHosts = {
"ha.xirion.net" = proxy "http://192.168.0.129:8123";
"xirion.net" = {
enableACME = true;
forceSSL = true;
@ -49,6 +50,8 @@ in
add_header Content-Type 'text/html; charset=UTF-8';
return 200 'Hello, World!';
'';
# Mastodon federation
locations."= /.well-known/host-meta".extraConfig = ''
return 301 https://fedi.xirion.net$request_uri;
'';
@ -57,33 +60,9 @@ in
return 301 https://fedi.xirion.net$request_uri;
'';
};
"git.xirion.net" = proxy "http://10.10.10.12";
"o.xirion.net" = proxy "http://192.168.0.112:9000";
"g.xirion.net" = proxy "http://garage.hades:3900";
"requests.xirion.net" = proxy "http://overseerr.hades:5055";
"pass.xirion.net" = proxy "http://bitwarden_rs";
"repo.xirion.net" = proxy "http://archlinux";
"thelounge.xirion.net" = proxy "http://thelounge:9000";
"attic.xirion.net" = proxy "http://attic.hades:8080";
"tautulli.xirion.net" = proxy "http://tautulli.hades:8080";
"peepeepoopoo.xirion.net" = proxy "http://tautulli.hades:8080"; # Deprecated but Ricardo has it bookmarked already!
"registry.xirion.net" = proxy "http://docker-registry:5000"
// {
locations."/".extraConfig = ''
allow 127.0.0.1;
allow 10.42.42.0/23;
allow 10.10.10.1/24;
allow 192.168.0.0/23;
allow 80.60.83.220;
allow 83.128.154.23;
allow 62.45.26.248;
allow 195.85.167.32/29;
deny all;
'';
};
"plex.xirion.net" = {
# Since we want a secure connection, we force SSL
forceSSL = true;
@ -170,8 +149,6 @@ in
};
};
};
"fedi-media.xirion.net" = proxy "http://garage.hades:3902";
};
};
}