added caddy global config

2022-10-26 23:04:53 +01:00 · 2022-10-26 23:04:53 +01:00 · 123a14d88b
commit 123a14d88b
parent 00fbb12d5c
3 changed files with 35 additions and 0 deletions
--- a/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
+++ b/hosts/vm.strangervm.ts.hillion.co.uk/default.nix
@ -10,6 +10,7 @@
    ./hardware-configuration.nix
    ../../modules/common/default.nix
    ../../modules/secrets/tailscale/vm.strangervm.ts.hillion.co.uk.nix
+    ../../modules/reverse-proxy/global.nix
  ];

  boot.loader.grub = {
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@ -50,4 +50,5 @@
    nameservers = [ "1.1.1.1" "8.8.8.8" "100.100.100.100" ];
    networkmanager.dns = "none";
  };
+  networking.firewall.enable = true;
 }
--- a/modules/reverse-proxy/global.nix
+++ b/modules/reverse-proxy/global.nix
@ -0,0 +1,33 @@
+{ pkgs, lib, config, ... }:
+
+{
+  networking.firewall = {
+    allowedTCPPorts = [ 80 443 ];
+    allowedUDPPorts = [ 443 ];
+  };
+
+  services.caddy = {
+    enable = true;
+  
+    virtualHosts."ts.hillion.co.uk".extraConfig = ''
+      reverse_proxy http://10.48.62.14:8080
+    '';
+    virtualHosts."gitea.hillion.co.uk".extraConfig = ''
+      reverse_proxy http://gitea.gitea.ts.hillion.co.uk:3000
+    '';
+    virtualHosts."homeassistant.hillion.co.uk".extraConfig = ''
+      reverse_proxy http://homeassistant.homeassistant.ts.hillion.co.uk:8123
+    '';
+    virtualHosts."emby.hillion.co.uk".extraConfig = ''
+      reverse_proxy http://plex.mediaserver.ts.hillion.co.uk:8096
+    '';
+    virtualHosts."unifi.hillion.co.uk".extraConfig = ''
+      reverse_proxy https://unifi.unifi.ts.hillion.co.uk:8443 {
+        transport http {
+          tls_insecure_skip_verify
+        }
+      }
+    '';
+  };
+}
+