steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

feat(router0-dmz0): init bpir3 based router

Browse source
This commit is contained in:
steveej 2023-08-10 21:45:49 +02:00
parent 5ec13b17b7
commit 6a2993b665
20 changed files with 1112 additions and 211 deletions
Download patch file Download diff file Expand all files Collapse all files

23
nix/os/containers/webserver.nix
View file

@ -5,7 +5,9 @@
httpPort ? 80,
httpsPort ? 443,
autoStart ? false,
}: {
}: let
domain = "www.stefanjunker.de";
in {
config = {
config,
pkgs,
@ -22,11 +24,6 @@
networking.firewall.enable = false;
services.ddclientovh = {
enable = true;
domain = "www.stefanjunker.de";
};
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets.hedgedoc_environment_file = {
sopsFile = ./webserver_secrets.yaml;
@ -35,30 +32,30 @@
services.caddy = {
enable = true;
virtualHosts."${config.services.ddclientovh.domain}" = {
virtualHosts."${domain}" = {
extraConfig = let
port = "${builtins.toString config.services.authelia.instances.default.settings.server.port}";
path = "${config.services.authelia.instances.default.settings.server.path}";
in ''
redir /hedgedoc* https://hedgedoc.${config.services.ddclientovh.domain}
redir /hedgedoc* https://hedgedoc.${domain}
respond "Hi!"
'';
};
virtualHosts."hedgedoc.${config.services.ddclientovh.domain}" = {
virtualHosts."hedgedoc.${domain}" = {
extraConfig = ''
reverse_proxy http://[::1]:3000
'';
};
virtualHosts."authelia.${config.services.ddclientovh.domain}" = {
virtualHosts."authelia.${domain}" = {
extraConfig = ''
reverse_proxy http://127.0.0.1:${builtins.toString config.services.authelia.instances.default.settings.server.port}
'';
};
virtualHosts."lldap.${config.services.ddclientovh.domain}" = {
virtualHosts."lldap.${domain}" = {
extraConfig = ''
reverse_proxy http://127.0.0.1:${builtins.toString config.services.lldap.settings.http_port}
'';
@ -68,7 +65,7 @@
services.hedgedoc = {
enable = true;
settings = {
domain = "hedgedoc.${config.services.ddclientovh.domain}";
domain = "hedgedoc.${domain}";
urlPath = "";
protocolUseSSL = true;
db = {
@ -185,7 +182,7 @@
verbose = true;
ldap_base_dn = "dc=stefanjunker,dc=de";
http_url = "https://lldap.${config.services.ddclientovh.domain}";
http_url = "https://lldap.${domain}";
## Options to configure SMTP parameters, to send password reset emails.
## To set these options from environment variables, use the following format