From 86feb4e601bcdf34b7f0f486970e936f793f6e2d Mon Sep 17 00:00:00 2001 From: Doloro1978 Date: Wed, 27 May 2026 10:59:28 +0100 Subject: [PATCH] stuff --- config/hosts/aspects/servers/rpi5.nix | 4 ++ config/modules/services/caddy.nix | 20 ++++----- config/modules/services/ddns.nix | 60 +++++++++++++++------------ config/modules/services/registry.nix | 2 +- 4 files changed, 49 insertions(+), 37 deletions(-) diff --git a/config/hosts/aspects/servers/rpi5.nix b/config/hosts/aspects/servers/rpi5.nix index b2b4fea..c6e0008 100644 --- a/config/hosts/aspects/servers/rpi5.nix +++ b/config/hosts/aspects/servers/rpi5.nix @@ -31,6 +31,10 @@ services.openssh.enable = true; nixpkgs.hostPlatform = "aarch64-linux"; + + nix.gc = { + automatic = true; + }; }; }; } diff --git a/config/modules/services/caddy.nix b/config/modules/services/caddy.nix index 034cb2f..6d1dc4b 100644 --- a/config/modules/services/caddy.nix +++ b/config/modules/services/caddy.nix @@ -3,18 +3,18 @@ __findFile, modules, ... -}: -{ +}: { # Basic caddy modules.services.provides.caddy = { - nixos = - { config, ... }: - { - services.caddy = { - enable = true; - email = "doloroo@proton.me"; - enableReload = true; - }; + nixos = {config, ...}: { + services.caddy = { + enable = true; + email = "doloroo@proton.me"; + enableReload = true; + globalConfig = '' + acme_ca https://acme-v02.api.letsencrypt.org/directory + ''; }; + }; }; } diff --git a/config/modules/services/ddns.nix b/config/modules/services/ddns.nix index c6216dc..3565901 100644 --- a/config/modules/services/ddns.nix +++ b/config/modules/services/ddns.nix @@ -3,35 +3,43 @@ __findFile, modules, ... -}: -{ +}: { # Basic traefik modules.services.provides.ddns = { - nixos = - { config, pkgs, ... }: - let - ddnsImg = pkgs.dockerTools.pullImage { - imageName = "qmcgaw/ddns-updater"; - imageDigest = "sha256:ee16ab4f6203bf9e5b0925d38a0b4ebf2d9f23771f933cfb2f5a2dbd5f9a2f88"; - finalImageName = "qmcgaw/ddns-updater"; - finalImageTag = "latest"; - sha256 = "sha256-dMCHkvoFaORmGwbIM9io4Vc9fq+wBks25k2dmnW7naI="; - arch = "arm64"; - }; - in - { - virtualisation.oci-containers.containers = { - ddns = { - image = "qmcgaw/ddns-updater"; - imageFile = ddnsImg; - volumes = [ - "/data/ddns:/updater/data" - "/etc/localtime:/etc/localtime:ro" - ]; - # ports = [ "0.0.0.0:8123:8123" ]; - # networks = [ "meow" ]; - }; + nixos = { + config, + pkgs, + ... + }: let + ddnsImg = pkgs.dockerTools.pullImage { + imageName = "qmcgaw/ddns-updater"; + imageDigest = "sha256:ee16ab4f6203bf9e5b0925d38a0b4ebf2d9f23771f933cfb2f5a2dbd5f9a2f88"; + finalImageName = "qmcgaw/ddns-updater"; + finalImageTag = "latest"; + sha256 = "sha256-dMCHkvoFaORmGwbIM9io4Vc9fq+wBks25k2dmnW7naI="; + arch = "arm64"; + }; + in { + virtualisation.oci-containers.containers = { + ddns = { + image = "qmcgaw/ddns-updater"; + imageFile = ddnsImg; + volumes = [ + "/data/ddns:/updater/data" + "/etc/localtime:/etc/localtime:ro" + ]; + ports = ["0.0.0.0:8125:8000"]; + # networks = [ "meow" ]; }; }; + services.caddy = pkgs.lib.mkIf config.services.caddy.enable { + virtualHosts."ddns.h.doloro.co.uk".extraConfig = '' + reverse_proxy :8125 + basic_auth { + doloro $2a$14$FH.UkwC0PUsQ7IEV9XLAf.6/11KLsugCbrX/o6dPTx7NBlJWv3aiO + } + ''; + }; + }; }; } diff --git a/config/modules/services/registry.nix b/config/modules/services/registry.nix index 129dc1b..1a87f25 100644 --- a/config/modules/services/registry.nix +++ b/config/modules/services/registry.nix @@ -40,7 +40,7 @@ allowedUDPPortRanges = []; }; services.caddy = pkgs.lib.mkIf config.services.caddy.enable { - virtualHosts."dockerRegistry.h.doloro.co.uk".extraConfig = '' + virtualHosts."https://reg.h.doloro.co.uk".extraConfig = '' reverse_proxy :5000 ''; };