added caddy global config

This commit is contained in:
Jake Hillion 2022-10-26 23:04:53 +01:00
parent 00fbb12d5c
commit 123a14d88b
3 changed files with 35 additions and 0 deletions

View File

@ -10,6 +10,7 @@
./hardware-configuration.nix
../../modules/common/default.nix
../../modules/secrets/tailscale/vm.strangervm.ts.hillion.co.uk.nix
../../modules/reverse-proxy/global.nix
];
boot.loader.grub = {

View File

@ -50,4 +50,5 @@
nameservers = [ "1.1.1.1" "8.8.8.8" "100.100.100.100" ];
networkmanager.dns = "none";
};
networking.firewall.enable = true;
}

View File

@ -0,0 +1,33 @@
{ pkgs, lib, config, ... }:
{
networking.firewall = {
allowedTCPPorts = [ 80 443 ];
allowedUDPPorts = [ 443 ];
};
services.caddy = {
enable = true;
virtualHosts."ts.hillion.co.uk".extraConfig = ''
reverse_proxy http://10.48.62.14:8080
'';
virtualHosts."gitea.hillion.co.uk".extraConfig = ''
reverse_proxy http://gitea.gitea.ts.hillion.co.uk:3000
'';
virtualHosts."homeassistant.hillion.co.uk".extraConfig = ''
reverse_proxy http://homeassistant.homeassistant.ts.hillion.co.uk:8123
'';
virtualHosts."emby.hillion.co.uk".extraConfig = ''
reverse_proxy http://plex.mediaserver.ts.hillion.co.uk:8096
'';
virtualHosts."unifi.hillion.co.uk".extraConfig = ''
reverse_proxy https://unifi.unifi.ts.hillion.co.uk:8443 {
transport http {
tls_insecure_skip_verify
}
}
'';
};
}