mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updates and formatting

Browse Source
This commit is contained in:
mjallen18
2025-01-21 11:43:08 -06:00
parent a774f7eb41
commit c4133aef37
16 changed files with 355 additions and 462 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
hosts/nas/apps/traefik/default.nix
View File

@@ -2,36 +2,36 @@
let
domain = "mjallen.dev";
authUrl = "http://10.0.1.18:9000/outpost.goauthentik.io";
authentikUrl = "http://10.0.1.18:9000";
collaboraUrl = "http://10.0.1.18:9980";
cloudUrl = "http://10.0.2.18:80";
jellyfinUrl = "http://10.0.1.18:8096";
authUrl = "http://10.0.1.18:9000/outpost.goauthentik.io";
authentikUrl = "http://10.0.1.18:9000";
collaboraUrl = "http://10.0.1.18:9980";
cloudUrl = "http://10.0.2.18:80";
jellyfinUrl = "http://10.0.1.18:8096";
jellyseerrUrl = "http://10.0.1.52:5055";
hassUrl = "http://10.0.1.183:8123";
openWebUIUrl = "http://10.0.1.18:8888";
paperlessUrl = "http://10.0.1.20:28981";
hassUrl = "http://10.0.1.183:8123";
openWebUIUrl = "http://10.0.1.18:8888";
paperlessUrl = "http://10.0.1.20:28981";
in
{
networking.firewall = {
allowedTCPPorts = [
80
443
8080
];
allowedUDPPorts = [
80
443
8080
];
};
allowedTCPPorts = [
80
443
8080
];
allowedUDPPorts = [
80
443
8080
];
};
services.traefik = {
enable = true;
dataDir = "/media/nas/ssd/nix-app-data/traefik";
group = "jallen-nas";
environmentFiles = [ "${config.services.traefik.dataDir}/traefik.env" ]; # todo: sops
staticConfigOptions = {
entryPoints = {
web = {
@@ -102,7 +102,7 @@ in
# "503"
# "505-599"
# ];
# service =
# service =
# };
# }
};
@@ -157,44 +157,44 @@ in
routers = {
auth = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)";
service = "auth";
priority = 15;
tls.certResolver = "letsencrypt";
};
authentik = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`authentik.${domain}`)";
service = "authentik";
tls.certResolver = "letsencrypt";
};
collabora = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`office.${domain}`)";
service = "collabora";
tls.certResolver = "letsencrypt";
};
cloud = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`cloud.${domain}`)";
service = "cloud";
tls.certResolver = "letsencrypt";
};
jellyfin = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`jellyfin.${domain}`)";
service = "jellyfin";
tls.certResolver = "letsencrypt";
};
jellyseerr = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`jellyseerr.${domain}`)";
service = "jellyseerr";
tls.certResolver = "letsencrypt";
};
hass = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`hass.${domain}`)";
service = "hass";
middlewares = "authentik";
@@ -202,7 +202,7 @@ in
tls.certResolver = "letsencrypt";
};
open-webui = {
entryPoints = ["websecure"];
entryPoints = [ "websecure" ];
rule = "Host(`chat.${domain}`)";
service = "chat";
# middlewares = [ "authentik" ];
@@ -220,4 +220,4 @@ in
};
};
# todo: fail2ban/etc
}
}