From 82cfd6220be6b284f78cb67f52c533e4da710d29 Mon Sep 17 00:00:00 2001 From: notohh Date: Mon, 15 May 2023 03:49:48 -0400 Subject: [PATCH] services: init loadbalancers, forgejo, etc --- modules/services/default.nix | 1 + modules/services/forgejo.nix | 16 +++++++++++++ modules/services/foundryvtt.nix | 3 +++ modules/services/homepage.nix | 5 +++- modules/services/hugo.nix | 3 +++ modules/services/searxng.nix | 3 +++ modules/services/stash.nix | 3 +++ modules/services/traefik.nix | 41 ++++++++++++++++++++++----------- 8 files changed, 61 insertions(+), 14 deletions(-) create mode 100644 modules/services/forgejo.nix diff --git a/modules/services/default.nix b/modules/services/default.nix index 8068404..948715a 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -6,5 +6,6 @@ ./hugo.nix ./stash.nix ./foundryvtt.nix + ./forgejo.nix ]; } diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix new file mode 100644 index 0000000..3d52222 --- /dev/null +++ b/modules/services/forgejo.nix @@ -0,0 +1,16 @@ +{pkgs, ...}: { + services.gitea = { + enable = true; + package = pkgs.forgejo; + stateDir = "/sakura/forjo"; + settings = { + # service.DISABLE_REGISTRATION = true; + server = { + HTTP_PORT = 3000; + DOMAIN = "git.notohh.dev"; + ROOT_URL = "https://git.notohh.dev"; + LANDING_PAGE = "/explore/repos"; + }; + }; + }; +} diff --git a/modules/services/foundryvtt.nix b/modules/services/foundryvtt.nix index 14a5daf..38eab70 100644 --- a/modules/services/foundryvtt.nix +++ b/modules/services/foundryvtt.nix @@ -10,5 +10,8 @@ /run/secrets/foundry-username /run/secrets/foundry-password ]; + ports = [ + "30000:30000" + ]; }; } diff --git a/modules/services/homepage.nix b/modules/services/homepage.nix index 2ec4512..cbca0c9 100644 --- a/modules/services/homepage.nix +++ b/modules/services/homepage.nix @@ -1,9 +1,12 @@ -{pkgs, ...}: { +{config, ...}: { virtualisation.oci-containers.containers.homepage = { image = "ghcr.io/benphelps/homepage"; volumes = [ "/home/notoh/docker/homepage:/app/config" "/var/run/docker.sock:/var/run/docker.sock:ro" ]; + ports = [ + "3005:3000" + ]; }; } diff --git a/modules/services/hugo.nix b/modules/services/hugo.nix index 00fa7a3..b758dbb 100644 --- a/modules/services/hugo.nix +++ b/modules/services/hugo.nix @@ -6,5 +6,8 @@ volumes = [ "/home/notoh/docker/hugo:/src" ]; + ports = [ + "1313:1313" + ]; }; } diff --git a/modules/services/searxng.nix b/modules/services/searxng.nix index 729649d..95e8820 100644 --- a/modules/services/searxng.nix +++ b/modules/services/searxng.nix @@ -7,5 +7,8 @@ environment = { INSTANCE_NAME = "SearXNG"; }; + ports = [ + "8085:8080" + ]; }; } diff --git a/modules/services/stash.nix b/modules/services/stash.nix index 0d4b0b7..db7f5c7 100644 --- a/modules/services/stash.nix +++ b/modules/services/stash.nix @@ -16,5 +16,8 @@ "/home/notoh/docker/stash/cache:/cache" "/home/notoh/docker/stash/generated:/generated" ]; + ports = [ + "9999:9999" + ]; }; } diff --git a/modules/services/traefik.nix b/modules/services/traefik.nix index 741484c..0854329 100644 --- a/modules/services/traefik.nix +++ b/modules/services/traefik.nix @@ -12,9 +12,16 @@ }; services.traefik = { enable = true; - group = "docker"; dynamicConfigOptions = { http = { + services = { + homepage.loadBalancer.servers = [{url = "http://localhost:3005";}]; + searxng.loadBalancer.servers = [{url = "http://localhost:8085";}]; + hugo.loadBalancer.servers = [{url = "http://localhost:1313";}]; + stash.loadBalancer.servers = [{url = "http://localhost:9999";}]; + foundryvtt.loadBalancer.servers = [{url = "http://localhost:30000";}]; + gitea.loadBalancer.servers = [{url = "http://localhost:3000";}]; + }; routers = { api = { rule = "PathPrefix(`/api/`)"; @@ -24,29 +31,36 @@ homepage = { rule = "Host(`dashboard.lab`)"; entrypoints = ["web"]; - service = "homepage@docker"; + service = "homepage"; }; searxng = { rule = "Host(`searxng.lab`)"; entrypoints = ["web"]; - service = "searxng@docker"; - }; - hugo = { - rule = "Host(`notohh.dev`)"; - entryPoints = ["websecure"]; - service = "hugo@docker"; - tls.domains = [{main = "*.notohh.dev";}]; - tls.certresolver = "staging"; + service = "searxng"; }; stash = { rule = "Host(`stash.lab`)"; entrypoints = ["web"]; - service = "stash@docker"; + service = "stash"; + }; + hugo = { + rule = "Host(`notohh.dev`)"; + entryPoints = ["websecure"]; + service = "hugo"; + tls.domains = [{main = "*.notohh.dev";}]; + tls.certresolver = "staging"; }; foundryvtt = { rule = "Host(`foundry.notohh.dev`)"; entrypoints = ["websecure"]; - service = "foundryvtt@docker"; + service = "foundryvtt"; + tls.domains = [{main = "*.notohh.dev";}]; + tls.certresolver = "staging"; + }; + gitea = { + rule = "Host(`git.notohh.dev`)"; + entrypoints = ["websecure"]; + service = "gitea"; tls.domains = [{main = "*.notohh.dev";}]; tls.certresolver = "staging"; }; @@ -57,7 +71,6 @@ log.level = "DEBUG"; api.dashboard = true; api.insecure = true; - providers.docker = true; global = { checkNewVersion = false; sendAnonymousUsage = false; @@ -73,6 +86,7 @@ caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"; dnsChallenge = { provider = "cloudflare"; + resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; delayBeforeCheck = "0"; }; }; @@ -82,6 +96,7 @@ caServer = "https://acme-v02.api.letsencrypt.org/directory"; dnsChallenge = { provider = "cloudflare"; + resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; delayBeforeCheck = "0"; }; };