Blame - modules/caddy/caddyfile.nix - Infra/NixFiles

blob: a7deb60b9bfedc4a4fccc4627eddc2c5a0a2de48 [file] [log] [blame]

Skyler Grey	40ab9af	2023-05-20 18:03:53 +0200	[diff] [blame]	1	let
				2	HTTPReverseProxyRoute = hosts: upstreams: {
				3	handle = [
				4	{
				5	handler = "subroute";
				6	routes = [
				7	{
				8	handle = [
				9	{
				10	handler = "reverse_proxy";
				11	upstreams = map (upstream: { dial = upstream; }) upstreams;
				12	}
				13	];
				14	}
				15	];
				16	}
				17	];
				18	match = [{ host = hosts; }];
				19	terminal = true;
				20	};
				21	HTTPRedirectRoute = hosts: goto: {
				22	handle = [
				23	{
				24	handler = "subroute";
				25	routes = [
				26	{
				27	handle = [
				28	{
				29	handler = "static_response";
				30	headers = { Location = [ goto ]; };
				31	status_code = 302;
				32	}
				33	];
				34	}
				35	];
				36	}
				37	];
				38	match = [{ host = hosts; }];
				39	terminal = true;
				40	};
Skyler Grey	0e71dcd	2023-05-21 00:05:17 +0200	[diff] [blame]	41	HTTPFileServerRoute = hosts: root: {
				42	handle = [
				43	{
				44	handler = "subroute";
				45	routes = [
				46	{
				47	handle = [
				48	{
				49	handler = "file_server";
				50	inherit root;
				51	}
				52	];
				53	}
				54	];
				55	}
				56	];
				57	match = [{ host = hosts; }];
				58	terminal = true;
				59	};
				60
Skyler Grey	40ab9af	2023-05-20 18:03:53 +0200	[diff] [blame]	61	TCPReverseProxyRoute = ports: upstreams: {
				62	listen = map (port: "0.0.0.0:${toString port}") ports;
				63	routes = [
				64	{
				65	handle = [
				66	{
				67	handler = "proxy";
				68	proxy_protocol = "v2";
				69	upstreams = [{ dial = upstreams; }];
				70	}
				71	];
				72	}
				73	];
				74	};
				75	in
Skyler Grey	0e71dcd	2023-05-21 00:05:17 +0200	[diff] [blame]	76	{ pkgs, lib }: {
Skyler Grey	40ab9af	2023-05-20 18:03:53 +0200	[diff] [blame]	77	apps = {
				78	http = {
				79	servers = {
				80	srv0 = {
				81	listen = [ ":443" ];
				82	routes = [
				83	(HTTPReverseProxyRoute [ "signup.hopescaramels.com" ] [ "192.168.0.4:3035" ])
				84	(HTTPReverseProxyRoute [ "homebridge.coded.codes" ] [ "localhost:8581" ])
				85	{
				86	handle = [
				87	{
				88	handler = "subroute";
				89	routes = [
				90	{
				91	handle = [
				92	{
				93	error = "You can't access admin routes from outside the server. Please use SSH tunneling, cURL on the host or similar";
				94	handler = "error";
				95	status_code = "403";
				96	}
				97	];
				98	match = [{ path = [ "/_dendrite/admin/" "/_synapse/admin/" ]; }];
				99	terminal = true;
				100	}
				101	{
				102	handle = [
				103	{
				104	handler = "reverse_proxy";
				105	transport = { protocol = "http"; };
				106	upstreams = [{ dial = "localhost:4527"; }];
				107	}
				108	];
				109	}
				110	];
				111	}
				112	];
				113	match = [{ host = [ "matrix-backend.coded.codes" ]; }];
				114	terminal = true;
				115	}
				116	(HTTPReverseProxyRoute
				117	[
				118	"mail.coded.codes"
				119	"mail.clicks.codes"
				120	"mail.hopescaramels.com"
				121	]
				122	[ "localhost:1080" ]
				123	)
				124	(HTTPReverseProxyRoute [ "logs.clicks.codes" ] [ "localhost:9052" ])
				125	(HTTPRedirectRoute
				126	[
				127	"hopescaramels.com"
				128	"www.hopescaramels.com"
				129	]
				130	"https://etsy.com/shop/HopesCaramels"
				131	)
				132	# (HTTPReverseProxyRoute [ "omv.coded.codes" ] [ "localhost:6773" ])
				133	# (HTTPReverseProxyRoute [ "jellyfin.coded.codes" ] [ "localhost:8096" ])
				134	(HTTPReverseProxyRoute [ "codedpc.coded.codes" ] [ "192.168.0.2:3389" ])
				135	(HTTPReverseProxyRoute [ "testing.coded.codes" ] [ "192.168.0.2:3030" ])
				136	(HTTPReverseProxyRoute [ "kavita.clicks.codes" ] [ "localhost:5000" ])
				137	{
				138	handle = [
				139	{
				140	handler = "subroute";
				141	routes = [
				142	{
				143	handle = [
				144	{
				145	handler = "subroute";
				146	routes = [
				147	{
				148	handle = [
				149	{
				150	handler = "rewrite";
				151	strip_path_prefix = "/nucleus";
				152	}
				153	];
				154	}
				155	{
				156	handle = [
				157	{
				158	handler = "reverse_proxy";
				159	upstreams = [{ dial = "127.0.0.1:10000"; }];
				160	}
				161	];
				162	}
				163	];
				164	}
				165	];
				166	match = [{ path = [ "/nucleus/*" ]; }];
				167	}
				168	{
				169	handle = [
				170	{
				171	handler = "error";
				172	error = "This API route does not exist";
				173	status_code = 404;
				174	}
				175	];
				176	}
				177	];
				178	}
				179	];
				180	match = [{ host = [ "api.clicks.codes" ]; }];
				181	terminal = true;
				182	}
				183	{
				184	handle = [
				185	{
				186	handler = "subroute";
				187	routes = [
				188	{
				189	handle = [
				190	{
				191	handler = "subroute";
				192	routes = [
				193	{
				194	handle = [
				195	{
				196	handler = "rewrite";
				197	strip_path_prefix = "/nucleus";
				198	}
				199	];
				200	}
				201	{
				202	handle = [
				203	{
				204	handler = "reverse_proxy";
				205	upstreams = [{ dial = "192.168.0.2:10000"; }];
				206	}
				207	];
				208	}
				209	];
				210	}
				211	];
				212	match = [{ path = [ "/nucleus/*" ]; }];
				213	}
				214	{
				215	handle = [
				216	{
				217	handler = "error";
				218	error = "This API route does not exist";
				219	status_code = 404;
				220	}
				221	];
				222	}
				223	];
				224	}
				225	];
				226	match = [{ host = [ "api.coded.codes" ]; }];
				227	terminal = true;
				228	}
				229	(HTTPRedirectRoute
				230	[
				231	"www.clicks.codes"
				232	]
				233	"https://clicks.codes{http.request.uri}"
				234	)
				235	(HTTPReverseProxyRoute [ "clicks.codes" ] [ "127.0.0.1:3000" ])
				236	{
				237	handle = [
				238	{
				239	handler = "subroute";
				240	routes = [
				241	{
				242	handle = [
				243	{
				244	handler = "static_response";
				245	status_code = 200;
				246	body = builtins.readFile ./coded.codes/.well-known/matrix;
				247	headers = { Access-Control-Allow-Origin = [ "*" ]; };
				248	}
				249	];
				250	match = [{
				251	path = [
				252	"/.well-known/matrix/server"
				253	"/.well-known/matrix/client"
				254	];
				255	}];
				256	terminal = true;
				257	}
				258	{
				259	handle = [
				260	{
				261	handler = "static_response";
				262	headers = { Location = [ "https://clicks.codes{http.request.uri}" ]; };
				263	status_code = 302;
				264	}
				265	];
				266	}
				267	];
				268	}
				269	];
				270	match = [{ host = [ "coded.codes" ]; }];
				271	terminal = true;
				272	}
Skyler Grey	0e71dcd	2023-05-21 00:05:17 +0200	[diff] [blame]	273	(HTTPFileServerRoute [ "matrix.coded.codes" ] (
				274	pkgs.element-web.override {
				275	conf = {
				276	default_server_config = lib.pipe ./coded.codes/.well-known/matrix [
				277	builtins.readFile
				278	builtins.fromJSON
				279	];
				280	};
				281	}
				282	))
Skyler Grey	40ab9af	2023-05-20 18:03:53 +0200	[diff] [blame]	283	];
				284	};
				285	srv1 = {
				286	listen = [ ":80" ];
				287	routes = [
				288	(HTTPReverseProxyRoute
				289	[
				290	"mail.clicks.codes"
				291	"mail.coded.codes"
				292	"mail.hopescaramels.com"
				293	"autoconfig.coded.codes"
				294	"autoconfig.clicks.codes"
				295	"autoconfig.hopescaramels.com"
				296	"imap.coded.codes"
				297	"imap.clicks.codes"
				298	"imap.hopescaramels.com"
				299	"pop.coded.codes"
				300	"pop.clicks.codes"
				301	"pop.hopescaramels.com"
				302	"smtp.coded.codes"
				303	"smtp.clicks.codes"
				304	"smtp.hopescaramels.com"
				305	]
				306	[ "localhost:1080" ]
				307	)
				308	];
				309	};
				310	};
				311	};
				312	layer4 = {
				313	servers = {
				314	imap-143 = (TCPReverseProxyRoute [ 143 ] [ "localhost:1143" ]);
				315	imap-993 = (TCPReverseProxyRoute [ 993 ] [ "localhost:1993" ]);
				316	pop-110 = (TCPReverseProxyRoute [ 110 ] [ "localhost:1110" ]);
				317	pop-995 = (TCPReverseProxyRoute [ 995 ] [ "localhost:1995" ]);
				318	smtp-25 = (TCPReverseProxyRoute [ 25 ] [ "localhost:1025" ]);
				319	smtp-465 = (TCPReverseProxyRoute [ 465 ] [ "localhost:1465" ]);
				320	smtp-587 = (TCPReverseProxyRoute [ 587 ] [ "localhost:1587" ]);
				321	};
				322	};
				323	};
				324	}