hosts: reduce repition with let bindings

replaces (most) values that are repeatedly used w/ a let binding
so they can be updated from one place.
This commit is contained in:
notohh 2024-02-06 13:40:38 -05:00
parent 2e1655a890
commit ccd69ee47e
Signed by: notohh
GPG key ID: BD47506D475EE86D
11 changed files with 180 additions and 152 deletions

View file

@ -103,36 +103,38 @@
}; };
customDNS = { customDNS = {
customTTL = "1h"; customTTL = "1h";
mapping = { mapping = let
yukiIp = "192.168.1.98";
in {
# infra # infra
"truenas.internal.flake.sh" = "192.168.1.199"; "truenas.internal.flake.sh" = "192.168.1.199";
"hass.internal.flake.sh" = "192.168.1.98"; "hass.internal.flake.sh" = "${yukiIp}";
"dashboard.internal.flake.sh" = "192.168.1.98"; "dashboard.internal.flake.sh" = "${yukiIp}";
"udm.internal.flake.sh" = "192.168.1.1"; "udm.internal.flake.sh" = "192.168.1.1";
"pve.internal.flake.sh" = "192.168.1.37"; "pve.internal.flake.sh" = "192.168.1.37";
"pbs.internal.flake.sh" = "192.168.1.38"; "pbs.internal.flake.sh" = "192.168.1.38";
# media # media
"jellyfin.internal.flake.sh" = "192.168.1.98"; "jellyfin.internal.flake.sh" = "${yukiIp}";
"jellyseerr.internal.flake.sh" = "192.168.1.98"; "jellyseerr.internal.flake.sh" = "${yukiIp}";
"sonarr.internal.flake.sh" = "192.168.1.98"; "sonarr.internal.flake.sh" = "${yukiIp}";
"radarr.internal.flake.sh" = "192.168.1.98"; "radarr.internal.flake.sh" = "${yukiIp}";
"readarr.internal.flake.sh" = "192.168.1.98"; "readarr.internal.flake.sh" = "${yukiIp}";
"lidarr.internal.flake.sh" = "192.168.1.98"; "lidarr.internal.flake.sh" = "${yukiIp}";
"whisparr.internal.flake.sh" = "192.168.1.98"; "whisparr.internal.flake.sh" = "${yukiIp}";
"bazarr.internal.flake.sh" = "192.168.1.98"; "bazarr.internal.flake.sh" = "${yukiIp}";
"prowlarr.internal.flake.sh" = "192.168.1.98"; "prowlarr.internal.flake.sh" = "${yukiIp}";
"stash.internal.flake.sh" = "192.168.1.98"; "stash.internal.flake.sh" = "${yukiIp}";
"nextcloud.internal.flake.sh" = "192.168.1.199"; "nextcloud.internal.flake.sh" = "192.168.1.199";
# misc # misc
"wallos.internal.flake.sh" = "192.168.1.98"; "wallos.internal.flake.sh" = "${yukiIp}";
"synology.internal.flake.sh" = "192.168.1.71"; "synology.internal.flake.sh" = "192.168.1.71";
"paperless.internal.flake.sh" = "192.168.1.98"; "paperless.internal.flake.sh" = "${yukiIp}";
"rss.internal.flake.sh" = "192.168.1.98"; "rss.internal.flake.sh" = "${yukiIp}";
}; };
}; };
redis = { redis = {

View file

@ -13,13 +13,15 @@
mode = "0600"; mode = "0600";
restartUnits = ["minio.service"]; restartUnits = ["minio.service"];
}; };
services.minio = { services.minio = let
dataDir = "/var/lib/slab/minio";
in {
enable = true; enable = true;
region = "us-east-1"; region = "us-east-1";
consoleAddress = "0.0.0.0:9006"; consoleAddress = "0.0.0.0:9006";
listenAddress = "0.0.0.0:9005"; listenAddress = "0.0.0.0:9005";
rootCredentialsFile = config.sops.secrets.minio.path; rootCredentialsFile = config.sops.secrets.minio.path;
dataDir = ["/var/lib/slab/minio/data"]; dataDir = ["${dataDir}/data"];
configDir = "/var/lib/slab/minio/config"; configDir = "${dataDir}/config";
}; };
} }

View file

@ -8,16 +8,18 @@
jwtSecretFile = config.sops.secrets.authelia-jwt.path; jwtSecretFile = config.sops.secrets.authelia-jwt.path;
storageEncryptionKeyFile = config.sops.secrets.authelia-sek.path; storageEncryptionKeyFile = config.sops.secrets.authelia-sek.path;
}; };
settings = { settings = let
pqdn = "notohh.dev";
in {
log.level = "debug"; log.level = "debug";
theme = "dark"; theme = "dark";
default_2fa_method = "totp"; default_2fa_method = "totp";
default_redirection_url = "https://passport.notohh.dev/"; default_redirection_url = "https://passport.${pqdn}/";
authentication_backend = { authentication_backend = {
file.path = "/var/lib/authelia-default/user.yml"; file.path = "/var/lib/authelia-default/user.yml";
}; };
session = { session = {
domain = "notohh.dev"; domain = pqdn;
expiration = 3600; expiration = 3600;
inactivity = 300; inactivity = 300;
}; };
@ -38,7 +40,7 @@
default_policy = "deny"; default_policy = "deny";
rules = [ rules = [
{ {
domain = "notohh.dev"; domain = pqdn;
policy = "bypass"; policy = "bypass";
} }
]; ];
@ -51,13 +53,15 @@
notifier.filesystem = { notifier.filesystem = {
filename = "/var/lib/authelia-default/notif.txt"; filename = "/var/lib/authelia-default/notif.txt";
}; };
storage.postgres = { storage.postgres = let
dbInfo = "authelia";
in {
host = "192.168.1.211"; host = "192.168.1.211";
port = 5432; port = 5432;
database = "authelia"; database = dbInfo;
schema = "public"; schema = "public";
username = "authelia"; username = dbInfo;
password = "authelia"; password = dbInfo;
}; };
}; };
}; };

View file

@ -2,7 +2,11 @@
lib, lib,
config, config,
... ...
}: { }: let
sshPort = 2222;
dbHost = "192.168.1.211";
dbLogin = "forgejo";
in {
sops.secrets.smtp2go-pwd = {owner = "forgejo";}; sops.secrets.smtp2go-pwd = {owner = "forgejo";};
networking.firewall.allowedTCPPorts = [2222]; networking.firewall.allowedTCPPorts = [2222];
services.forgejo = { services.forgejo = {
@ -27,8 +31,8 @@
LANDING_PAGE = "/explore/repos"; LANDING_PAGE = "/explore/repos";
START_SSH_SERVER = true; START_SSH_SERVER = true;
SSH_DOMAIN = "git.flake.sh"; SSH_DOMAIN = "git.flake.sh";
SSH_PORT = 2222; SSH_PORT = sshPort;
SSH_LISTEN_PORT = 2222; SSH_LISTEN_PORT = sshPort;
SSH_LISTEN_HOST = "100.121.201.47"; SSH_LISTEN_HOST = "100.121.201.47";
}; };
session = { session = {
@ -39,15 +43,15 @@
}; };
database = { database = {
DB_TYPE = lib.mkForce "postgres"; DB_TYPE = lib.mkForce "postgres";
HOST = "192.168.1.211:5432"; HOST = "${dbHost}:5432";
NAME = "forgejo"; NAME = dbLogin;
USER = "forgejo"; USER = dbLogin;
PASSWD = "forgejo"; PASSWD = dbLogin;
}; };
cache = { cache = {
ENABLED = true; ENABLED = true;
ADAPTER = lib.mkForce "redis"; ADAPTER = lib.mkForce "redis";
HOST = "redis://:forgejo@100.94.214.100:6379"; HOST = "redis://:forgejo@${dbHost}:6379";
}; };
metrics = { metrics = {
ENABLED = true; ENABLED = true;

View file

@ -1,4 +1,7 @@
_: { _: let
prometheusPort = "9090";
dbLogin = "grafana";
in {
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { settings = {
@ -17,8 +20,8 @@ _: {
database = { database = {
type = "postgres"; type = "postgres";
host = "192.168.1.211:5432"; host = "192.168.1.211:5432";
name = "grafana"; name = dbLogin;
user = "grafana"; user = dbLogin;
ssl_mode = "disable"; ssl_mode = "disable";
}; };
panels = { panels = {
@ -32,49 +35,49 @@ _: {
{ {
name = "Prometheus"; name = "Prometheus";
type = "prometheus"; type = "prometheus";
url = "http://localhost:9090"; url = "http://localhost:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-kariru"; name = "Prometheus-kariru";
type = "prometheus"; type = "prometheus";
url = "http://100.126.229.95:9090"; url = "http://100.126.229.95:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-yuki"; name = "Prometheus-yuki";
type = "prometheus"; type = "prometheus";
url = "http://100.108.113.89:9090"; url = "http://100.108.113.89:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-arashi"; name = "Prometheus-arashi";
type = "prometheus"; type = "prometheus";
url = "http://100.94.214.100:9090"; url = "http://100.94.214.100:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-sora"; name = "Prometheus-sora";
type = "prometheus"; type = "prometheus";
url = "http://100.104.42.96:9090"; url = "http://100.104.42.96:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-tsuru"; name = "Prometheus-tsuru";
type = "prometheus"; type = "prometheus";
url = "http://100.82.146.40:9090"; url = "http://100.82.146.40:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-kaze"; name = "Prometheus-kaze";
type = "prometheus"; type = "prometheus";
url = "http://100.69.79.81:9090"; url = "http://100.69.79.81:${prometheusPort}";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-haru"; name = "Prometheus-haru";
type = "prometheus"; type = "prometheus";
url = "http://100.73.192.45:9090"; url = "http://100.73.192.45:${prometheusPort}";
orgId = 1; orgId = 1;
jsonData = { jsonData = {
graphiteVersion = "1.1"; graphiteVersion = "1.1";

View file

@ -2,7 +2,7 @@
networking.firewall.allowedTCPPorts = [8888]; networking.firewall.allowedTCPPorts = [8888];
services.atuin = { services.atuin = {
enable = true; enable = true;
openRegistration = true; openRegistration = false;
openFirewall = true; openFirewall = true;
host = "100.104.42.96"; host = "100.104.42.96";
port = 8888; port = 8888;

View file

@ -14,6 +14,6 @@
# ./terraria.nix # ./terraria.nix
# ./factorio.nix # ./factorio.nix
# ./minecraft.nix # ./minecraft.nix
./foundryvtt.nix # ./foundryvtt.nix
]; ];
} }

View file

@ -47,26 +47,14 @@
}; };
}; };
}; };
routers = { routers = let
pqdn = "flake.sh";
in {
api = { api = {
rule = "PathPrefix(`/api/`)"; rule = "PathPrefix(`/api/`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "api@internal"; service = "api@internal";
}; };
uptime-kuma = {
rule = "Host(`status.flake.sh`)";
entrypoints = ["websecure"];
service = "uptime-kuma";
tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production";
};
conduit = {
rule = "Host(`matrix.flake.sh`)";
entrypoints = ["websecure"];
service = "conduit";
tls.domains = [{main = "*.flake.sh";}];
tls.certresolver = "production";
};
authelia = { authelia = {
rule = "Host(`passport.notohh.dev`)"; rule = "Host(`passport.notohh.dev`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
@ -74,112 +62,132 @@
tls.domains = [{main = "*.notohh.dev";}]; tls.domains = [{main = "*.notohh.dev";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
uptime-kuma = {
rule = "Host(`status.${pqdn}`)";
entrypoints = ["websecure"];
service = "uptime-kuma";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
conduit = {
rule = "Host(`matrix.${pqdn}`)";
entrypoints = ["websecure"];
service = "conduit";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
foundryvtt = { foundryvtt = {
rule = "Host(`foundry.flake.sh`)"; rule = "Host(`foundry.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "foundryvtt"; service = "foundryvtt";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
forgejo = { forgejo = {
rule = "Host(`git.flake.sh`)"; rule = "Host(`git.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "forgejo"; service = "forgejo";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
middlewares = "cors"; middlewares = "cors";
}; };
rustypaste = { rustypaste = {
rule = "Host(`i.flake.sh`)"; rule = "Host(`i.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "rustypaste"; service = "rustypaste";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
grafana = { grafana = {
rule = "Host(`metrics.flake.sh`)"; rule = "Host(`metrics.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "grafana"; service = "grafana";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
hedgedoc = { hedgedoc = {
rule = "Host(`scratch.flake.sh`)"; rule = "Host(`scratch.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "hedgedoc"; service = "hedgedoc";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
vaultwarden = { vaultwarden = {
rule = "Host(`vault.flake.sh`)"; rule = "Host(`vault.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "vaultwarden"; service = "vaultwarden";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
neko = { neko = {
rule = "Host(`neko.flake.sh`)"; rule = "Host(`neko.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "neko"; service = "neko";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
justlog = { justlog = {
rule = "Host(`logs.flake.sh`)"; rule = "Host(`logs.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "justlog"; service = "justlog";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
ntfy = { ntfy = {
rule = "Host(`ntfy.flake.sh`)"; rule = "Host(`ntfy.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "ntfy-sh"; service = "ntfy-sh";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
attic = { attic = {
rule = "Host(`cache.flake.sh`)"; rule = "Host(`cache.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "attic"; service = "attic";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
minio = { minio = {
rule = "Host(`s3.flake.sh`)"; rule = "Host(`s3.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "minio"; service = "minio";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
middlewares = "cors-allow-all"; middlewares = "cors-allow-all";
}; };
woodpecker = { woodpecker = {
rule = "Host(`ci.flake.sh`)"; rule = "Host(`ci.${pqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "woodpecker"; service = "woodpecker";
tls.domains = [{main = "*.flake.sh";}]; tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
}; };
services = { services = let
forgejo.loadBalancer = { sakuraIp = "100.121.201.47:";
passHostHeader = true; soraIp = "100.104.42.96:";
servers = [{url = "http://100.121.201.47:3200";}]; in {
}; # sora
uptime-kuma.loadBalancer.servers = [{url = "http://100.104.42.96:4000";}]; uptime-kuma.loadBalancer.servers = [{url = "http://${soraIp}4000";}];
conduit.loadBalancer.servers = [{url = "http://100.121.201.47:6167";}]; foundryvtt.loadBalancer.servers = [{url = "http://${soraIp}30000";}];
authelia.loadBalancer.servers = [{url = "http://100.121.201.47:9091";}]; ntfy-sh.loadBalancer.servers = [{url = "http://${soraIp}8090";}];
foundryvtt.loadBalancer.servers = [{url = "http://100.104.42.96:30000";}]; attic.loadBalancer.servers = [{url = "http://${soraIp}8200";}];
rustypaste.loadBalancer.servers = [{url = "http://100.121.201.47:8000";}];
grafana.loadBalancer.servers = [{url = "http://100.121.201.47:3100";}]; # sakura
hedgedoc.loadBalancer.servers = [{url = "http://100.121.201.47:3300";}]; forgejo.loadBalancer.servers = [{url = "http://${sakuraIp}3200";}];
vaultwarden.loadBalancer.servers = [{url = "http://100.121.201.47:8222";}]; conduit.loadBalancer.servers = [{url = "http://${sakuraIp}6167";}];
searxng.loadBalancer.servers = [{url = "http://100.121.201.47:8100";}]; authelia.loadBalancer.servers = [{url = "http://${sakuraIp}9091";}];
neko.loadBalancer.servers = [{url = "http://100.104.42.96:8085";}]; rustypaste.loadBalancer.servers = [{url = "http://${sakuraIp}8000";}];
justlog.loadBalancer.servers = [{url = "http://100.121.201.47:8025";}]; grafana.loadBalancer.servers = [{url = "http://${sakuraIp}3100";}];
ntfy-sh.loadBalancer.servers = [{url = "http://100.104.42.96:8090";}]; hedgedoc.loadBalancer.servers = [{url = "http://${sakuraIp}3300";}];
attic.loadBalancer.servers = [{url = "http://100.104.42.96:8200";}]; vaultwarden.loadBalancer.servers = [{url = "http://${sakuraIp}8222";}];
searxng.loadBalancer.servers = [{url = "http://${sakuraIp}8100";}];
justlog.loadBalancer.servers = [{url = "http://${sakuraIp}8025";}];
# kaze
minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}]; minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}];
# tsuru
woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}]; woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}];
}; };
}; };

View file

@ -37,7 +37,6 @@
distrobox distrobox
vscode-fhs vscode-fhs
obsidian-wayland obsidian-wayland
supersonic-wayland
jellyfin-mpv-shim jellyfin-mpv-shim
virt-manager virt-manager
imv imv

View file

@ -1,4 +1,6 @@
_: { _: let
storagePath = "/home/notoh/docker/stash";
in {
virtualisation.oci-containers.containers.stash = { virtualisation.oci-containers.containers.stash = {
image = "stashapp/stash@sha256:b3b59809d5be1d82467253ec9e2ee98628a0db7527d27a6c7daa75e1fcda7deb"; # v0.24.3 image = "stashapp/stash@sha256:b3b59809d5be1d82467253ec9e2ee98628a0db7527d27a6c7daa75e1fcda7deb"; # v0.24.3
ports = ["9999:9999"]; ports = ["9999:9999"];
@ -11,12 +13,12 @@ _: {
}; };
volumes = [ volumes = [
"/etc/localtime:/etc/localtime:ro" "/etc/localtime:/etc/localtime:ro"
"/home/notoh/docker/stash/.config:/root/.stash" "${storagePath}/.config:/root/.stash"
"/home/notoh/docker/stash/data:/data" "${storagePath}/data:/data"
"/home/notoh/docker/stash/.metadata:/metadata" "${storagePath}/.metadata:/metadata"
"/home/notoh/docker/stash/cache:/cache" "${storagePath}/cache:/cache"
"/home/notoh/docker/stash/generated:/generated" "${storagePath}/generated:/generated"
"/home/notoh/docker/stash/blobs:/blobs" "${storagePath}/blobs:/blobs"
]; ];
}; };
} }

View file

@ -13,7 +13,9 @@
enable = true; enable = true;
dynamicConfigOptions = { dynamicConfigOptions = {
http = { http = {
routers = { routers = let
fqdn = "internal.flake.sh";
in {
# local # local
api = { api = {
rule = "PathPrefix(`/api/`)"; rule = "PathPrefix(`/api/`)";
@ -21,113 +23,115 @@
service = "api@internal"; service = "api@internal";
}; };
homepage = { homepage = {
rule = "Host(`dashboard.internal.flake.sh`)"; rule = "Host(`dashboard.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "homepage"; service = "homepage";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
stash = { stash = {
rule = "Host(`stash.internal.flake.sh`)"; rule = "Host(`stash.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "stash"; service = "stash";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
jellyfin = { jellyfin = {
rule = "Host(`jellyfin.internal.flake.sh`)"; rule = "Host(`jellyfin.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "jellyfin"; service = "jellyfin";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
jellyseerr = { jellyseerr = {
rule = "Host(`jellyseerr.internal.flake.sh`)"; rule = "Host(`jellyseerr.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "jellyseerr"; service = "jellyseerr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
wallos = { wallos = {
rule = "Host(`wallos.internal.flake.sh`)"; rule = "Host(`wallos.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "wallos"; service = "wallos";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
hass = { hass = {
rule = "Host(`hass.internal.flake.sh`)"; rule = "Host(`hass.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "hass"; service = "hass";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
paperless = { paperless = {
rule = "Host(`paperless.internal.flake.sh`)"; rule = "Host(`paperless.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "paperless"; service = "paperless";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
miniflux = { miniflux = {
rule = "Host(`rss.internal.flake.sh`)"; rule = "Host(`rss.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "miniflux"; service = "miniflux";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
# kariru # kariru
sonarr = { sonarr = {
rule = "Host(`sonarr.internal.flake.sh`)"; rule = "Host(`sonarr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "sonarr"; service = "sonarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
radarr = { radarr = {
rule = "Host(`radarr.internal.flake.sh`)"; rule = "Host(`radarr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "radarr"; service = "radarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
readarr = { readarr = {
rule = "Host(`readarr.internal.flake.sh`)"; rule = "Host(`readarr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "readarr"; service = "readarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
lidarr = { lidarr = {
rule = "Host(`lidarr.internal.flake.sh`)"; rule = "Host(`lidarr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "lidarr"; service = "lidarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
bazarr = { bazarr = {
rule = "Host(`bazarr.internal.flake.sh`)"; rule = "Host(`bazarr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "bazarr"; service = "bazarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
whisparr = { whisparr = {
rule = "Host(`whisparr.internal.flake.sh`)"; rule = "Host(`whisparr.${fqdn}`)";
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "whisparr"; service = "whisparr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
prowlarr = { prowlarr = {
rule = "Host(`prowlarr.internal.flake.sh`)"; rule = "Host(`prowlarr.${fqdn}`)";
entrypoints = ["websecure"]; entrypoints = ["websecure"];
service = "prowlarr"; service = "prowlarr";
tls.domains = [{main = "*.internal.flake.sh";}]; tls.domains = [{main = "*.${fqdn}";}];
tls.certresolver = "production"; tls.certresolver = "production";
}; };
}; };
services = { services = let
kariruHost = "192.168.1.54:";
in {
# local # local
stash.loadBalancer.servers = [{url = "http://localhost:9999";}]; stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
homepage.loadBalancer.servers = [{url = "http://localhost:7676";}]; homepage.loadBalancer.servers = [{url = "http://localhost:7676";}];
@ -138,13 +142,13 @@
paperless.loadBalancer.servers = [{url = "http://localhost:28981";}]; paperless.loadBalancer.servers = [{url = "http://localhost:28981";}];
miniflux.loadBalancer.servers = [{url = "http://localhost:9000";}]; miniflux.loadBalancer.servers = [{url = "http://localhost:9000";}];
# kariru # kariru
sonarr.loadBalancer.servers = [{url = "http://192.168.1.54:8989";}]; sonarr.loadBalancer.servers = [{url = "http://${kariruHost}8989";}];
radarr.loadBalancer.servers = [{url = "http://192.168.1.54:7878";}]; radarr.loadBalancer.servers = [{url = "http://${kariruHost}7878";}];
readarr.loadBalancer.servers = [{url = "http://192.168.1.54:8787";}]; readarr.loadBalancer.servers = [{url = "http://${kariruHost}8787";}];
lidarr.loadBalancer.servers = [{url = "http://192.168.1.54:8686";}]; lidarr.loadBalancer.servers = [{url = "http://${kariruHost}8686";}];
bazarr.loadBalancer.servers = [{url = "http://192.168.1.54:6767";}]; bazarr.loadBalancer.servers = [{url = "http://${kariruHost}6767";}];
whisparr.loadBalancer.servers = [{url = "http://192.168.1.54:6969";}]; whisparr.loadBalancer.servers = [{url = "http://${kariruHost}6969";}];
prowlarr.loadBalancer.servers = [{url = "http://192.168.1.54:9696";}]; prowlarr.loadBalancer.servers = [{url = "http://${kariruHost}9696";}];
}; };
}; };
}; };