gwg313/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

updating traefik and others

Browse source
This commit is contained in:
gwg313 2025-04-03 01:49:35 -04:00
parent 649f32545a
commit 1b8687a703
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
16 changed files with 252 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

24
hosts/candlekeep/syncthing.nix
View file

@ -50,6 +50,30 @@
};
};
};
"password-store" = {
path = "/home/gwg313/.local/share/password-store";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
"ssh-keys" = {
path = "/home/gwg313/.ssh";
devices = [ "grymforge" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
};
};
};

22
hosts/grymforge/syncthing.nix
View file

@ -51,6 +51,28 @@
};
};
};
"password-store" = {
path = "/home/gwg313/.local/share/password-store";
devices = [ "candlekeep" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
"ssh-keys" = {
path = "/home/gwg313/.ssh";
devices = [ "candlekeep" ];
versioning = {
type = "staggered";
params = {
cleanInterval = "3600";
maxAge = "15768000";
};
};
};
};
};
};

41
hosts/seikan/routes.nix
View file

@ -33,6 +33,24 @@
url = "https://scholarsome.zerotier.gwg313.xyz";
}
];
pastebin_zt.loadBalancer.servers = [
{
url = "https://pastebin.zerotier.gwg313.xyz";
}
];
snippets_zt.loadBalancer.servers = [
{
url = "https://snippets.zerotier.gwg313.xyz";
}
];
git_zt.loadBalancer.servers = [
{
url = "https://git.zerotier.gwg313.xyz";
}
];
};
routers = {
@ -77,6 +95,29 @@
middlewares = [ "headers" ];
};
pastebin_zt = {
entryPoints = [ "websecure" ];
rule = "Host(`pastebin.gwg313.xyz`)";
service = "pastebin_zt";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
snippets_zt = {
entryPoints = [ "websecure" ];
rule = "Host(`snippets.gwg313.xyz`)";
service = "snippets_zt";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
git_zt = {
entryPoints = [ "websecure" ];
rule = "Host(`git.gwg313.xyz`)";
service = "git_zt";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
};
};
};

15
hosts/seikan/traefik.nix
View file

@ -13,6 +13,12 @@
group = config.users.users.traefik.group;
};
sops.secrets.basic-auth = {
mode = "0440";
owner = config.users.users.traefik.name;
group = config.users.users.traefik.group;
};
systemd.services.traefik.environment = {
CF_DNS_API_TOKEN_FILE = "${config.sops.secrets.cf-api-token.path}";
};
@ -69,10 +75,10 @@
http = {
routers = {
dashboard = {
rule = "Host(`monitor.local.gwg313.xyz`)";
rule = "Host(`monitor.gwg313.xyz`)";
service = "api@internal";
middlewares = [
# "auth"
"auth"
"headers"
];
entrypoints = [ "websecure" ];
@ -82,6 +88,11 @@
};
};
middlewares = {
auth = {
basicAuth = {
usersFile = "${config.sops.secrets.basic-auth.path}";
};
};
headers = {
headers = {
browserxssfilter = true;

3
hosts/seikan/zerotier.nix
View file

@ -16,5 +16,8 @@
10.147.17.246 recipes.zerotier.gwg313.xyz
10.147.17.246 scholarsome.zerotier.gwg313.xyz
10.147.17.246 bookmarks.zerotier.gwg313.xyz
10.147.17.246 pastebin.zerotier.gwg313.xyz
10.147.17.246 snippets.zerotier.gwg313.xyz
10.147.17.246 git.zerotier.gwg313.xyz
'';
}

24
hosts/waypoint/routes.nix
View file

@ -46,6 +46,30 @@
middlewares = [ "headers" ];
};
pastebin = {
entryPoints = [ "websecure" ];
rule = "Host(`pastebin.gwg313.xyz`)";
service = "pastebin_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
snippets = {
entryPoints = [ "websecure" ];
rule = "Host(`snippets.gwg313.xyz`)";
service = "snippets_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
git = {
entryPoints = [ "websecure" ];
rule = "Host(`git.gwg313.xyz`)";
service = "git_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
};
};
};

23
hosts/waypoint/routes_local.nix
View file

@ -61,6 +61,29 @@
middlewares = [ "headers" ];
};
privatebin_local = {
entryPoints = [ "websecure" ];
rule = "Host(`pastebin.local.gwg313.xyz`)";
service = "pastebin_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
snippets_local = {
entryPoints = [ "websecure" ];
rule = "Host(`snippets.local.gwg313.xyz`)";
service = "snippets_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
git_local = {
entryPoints = [ "websecure" ];
rule = "Host(`git.local.gwg313.xyz`)";
service = "git_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
};
};
};

23
hosts/waypoint/routes_zerotier.nix
View file

@ -46,6 +46,29 @@
middlewares = [ "headers" ];
};
pastebin_zerotier = {
entryPoints = [ "websecure" ];
rule = "Host(`pastebin.zerotier.gwg313.xyz`)";
service = "pastebin_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
snippets_zerotier = {
entryPoints = [ "websecure" ];
rule = "Host(`snippets.zerotier.gwg313.xyz`)";
service = "snippets_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
git_zerotier = {
entryPoints = [ "websecure" ];
rule = "Host(`git.zerotier.gwg313.xyz`)";
service = "git_local";
tls.certResolver = "le";
middlewares = [ "headers" ];
};
};
};
};

16
hosts/waypoint/services.nix
View file

@ -50,6 +50,22 @@
url = "http://10.1.10.3:30099";
}
];
pastebin_local.loadBalancer.servers = [
{
url = "http://10.1.10.3:32090";
}
];
snippets_local.loadBalancer.servers = [
{
url = "http://10.1.10.3:31111";
}
];
git_local.loadBalancer.servers = [
{
url = "http://10.1.10.3:32221";
}
];
};
};