Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / 8e32c83ef8dee4fe13f40263e72b620dc25b409a / . / modules / caddy / caddyfile.nix
blob: 5d890bd3630d123ecf7455b1a7df979902eee5f4 [file] [log] [blame]
Skyler Grey40ab9af2023-05-20 18:03:53 +0200[diff] [blame]1let
2 HTTPReverseProxyRoute = hosts: upstreams: {
3 handle = [
4 {
5 handler = "subroute";
6 routes = [
7 {
8 handle = [
9 {
10 handler = "reverse_proxy";
11 upstreams = map (upstream: { dial = upstream; }) upstreams;
12 }
13 ];
14 }
15 ];
16 }
17 ];
18 match = [{ host = hosts; }];
19 terminal = true;
20 };
21 HTTPRedirectRoute = hosts: goto: {
22 handle = [
23 {
24 handler = "subroute";
25 routes = [
26 {
27 handle = [
28 {
29 handler = "static_response";
30 headers = { Location = [ goto ]; };
31 status_code = 302;
32 }
33 ];
34 }
35 ];
36 }
37 ];
38 match = [{ host = hosts; }];
39 terminal = true;
40 };
41 TCPReverseProxyRoute = ports: upstreams: {
42 listen = map (port: "0.0.0.0:${toString port}") ports;
43 routes = [
44 {
45 handle = [
46 {
47 handler = "proxy";
48 proxy_protocol = "v2";
49 upstreams = [{ dial = upstreams; }];
50 }
51 ];
52 }
53 ];
54 };
55in
56{
57 apps = {
58 http = {
59 servers = {
60 srv0 = {
61 listen = [ ":443" ];
62 routes = [
63 (HTTPReverseProxyRoute [ "signup.hopescaramels.com" ] [ "192.168.0.4:3035" ])
64 (HTTPReverseProxyRoute [ "homebridge.coded.codes" ] [ "localhost:8581" ])
65 {
66 handle = [
67 {
68 handler = "subroute";
69 routes = [
70 {
71 handle = [
72 {
73 error = "You can't access admin routes from outside the server. Please use SSH tunneling, cURL on the host or similar";
74 handler = "error";
75 status_code = "403";
76 }
77 ];
78 match = [{ path = [ "/_dendrite/admin/*" "/_synapse/admin/*" ]; }];
79 terminal = true;
80 }
81 {
82 handle = [
83 {
84 handler = "reverse_proxy";
85 transport = { protocol = "http"; };
86 upstreams = [{ dial = "localhost:4527"; }];
87 }
88 ];
89 }
90 ];
91 }
92 ];
93 match = [{ host = [ "matrix-backend.coded.codes" ]; }];
94 terminal = true;
95 }
96 (HTTPReverseProxyRoute
97 [
98 "mail.coded.codes"
99 "mail.clicks.codes"
100 "mail.hopescaramels.com"
101 ]
102 [ "localhost:1080" ]
103 )
104 (HTTPReverseProxyRoute [ "logs.clicks.codes" ] [ "localhost:9052" ])
105 (HTTPRedirectRoute
106 [
107 "hopescaramels.com"
108 "www.hopescaramels.com"
109 ]
110 "https://etsy.com/shop/HopesCaramels"
111 )
112 # (HTTPReverseProxyRoute [ "omv.coded.codes" ] [ "localhost:6773" ])
113 # (HTTPReverseProxyRoute [ "jellyfin.coded.codes" ] [ "localhost:8096" ])
114 (HTTPReverseProxyRoute [ "codedpc.coded.codes" ] [ "192.168.0.2:3389" ])
115 (HTTPReverseProxyRoute [ "testing.coded.codes" ] [ "192.168.0.2:3030" ])
116 (HTTPReverseProxyRoute [ "kavita.clicks.codes" ] [ "localhost:5000" ])
117 {
118 handle = [
119 {
120 handler = "subroute";
121 routes = [
122 {
123 handle = [
124 {
125 handler = "subroute";
126 routes = [
127 {
128 handle = [
129 {
130 handler = "rewrite";
131 strip_path_prefix = "/nucleus";
132 }
133 ];
134 }
135 {
136 handle = [
137 {
138 handler = "reverse_proxy";
139 upstreams = [{ dial = "127.0.0.1:10000"; }];
140 }
141 ];
142 }
143 ];
144 }
145 ];
146 match = [{ path = [ "/nucleus/*" ]; }];
147 }
148 {
149 handle = [
150 {
151 handler = "error";
152 error = "This API route does not exist";
153 status_code = 404;
154 }
155 ];
156 }
157 ];
158 }
159 ];
160 match = [{ host = [ "api.clicks.codes" ]; }];
161 terminal = true;
162 }
163 {
164 handle = [
165 {
166 handler = "subroute";
167 routes = [
168 {
169 handle = [
170 {
171 handler = "subroute";
172 routes = [
173 {
174 handle = [
175 {
176 handler = "rewrite";
177 strip_path_prefix = "/nucleus";
178 }
179 ];
180 }
181 {
182 handle = [
183 {
184 handler = "reverse_proxy";
185 upstreams = [{ dial = "192.168.0.2:10000"; }];
186 }
187 ];
188 }
189 ];
190 }
191 ];
192 match = [{ path = [ "/nucleus/*" ]; }];
193 }
194 {
195 handle = [
196 {
197 handler = "error";
198 error = "This API route does not exist";
199 status_code = 404;
200 }
201 ];
202 }
203 ];
204 }
205 ];
206 match = [{ host = [ "api.coded.codes" ]; }];
207 terminal = true;
208 }
209 (HTTPRedirectRoute
210 [
211 "www.clicks.codes"
212 ]
213 "https://clicks.codes{http.request.uri}"
214 )
215 (HTTPReverseProxyRoute [ "clicks.codes" ] [ "127.0.0.1:3000" ])
216 {
217 handle = [
218 {
219 handler = "subroute";
220 routes = [
221 {
222 handle = [
223 {
224 handler = "static_response";
225 status_code = 200;
226 body = builtins.readFile ./coded.codes/.well-known/matrix;
227 headers = { Access-Control-Allow-Origin = [ "*" ]; };
228 }
229 ];
230 match = [{
231 path = [
232 "/.well-known/matrix/server"
233 "/.well-known/matrix/client"
234 ];
235 }];
236 terminal = true;
237 }
238 {
239 handle = [
240 {
241 handler = "static_response";
242 headers = { Location = [ "https://clicks.codes{http.request.uri}" ]; };
243 status_code = 302;
244 }
245 ];
246 }
247 ];
248 }
249 ];
250 match = [{ host = [ "coded.codes" ]; }];
251 terminal = true;
252 }
253 ];
254 };
255 srv1 = {
256 listen = [ ":80" ];
257 routes = [
258 (HTTPReverseProxyRoute
259 [
260 "mail.clicks.codes"
261 "mail.coded.codes"
262 "mail.hopescaramels.com"
263 "autoconfig.coded.codes"
264 "autoconfig.clicks.codes"
265 "autoconfig.hopescaramels.com"
266 "imap.coded.codes"
267 "imap.clicks.codes"
268 "imap.hopescaramels.com"
269 "pop.coded.codes"
270 "pop.clicks.codes"
271 "pop.hopescaramels.com"
272 "smtp.coded.codes"
273 "smtp.clicks.codes"
274 "smtp.hopescaramels.com"
275 ]
276 [ "localhost:1080" ]
277 )
278 ];
279 };
280 };
281 };
282 layer4 = {
283 servers = {
284 imap-143 = (TCPReverseProxyRoute [ 143 ] [ "localhost:1143" ]);
285 imap-993 = (TCPReverseProxyRoute [ 993 ] [ "localhost:1993" ]);
286 pop-110 = (TCPReverseProxyRoute [ 110 ] [ "localhost:1110" ]);
287 pop-995 = (TCPReverseProxyRoute [ 995 ] [ "localhost:1995" ]);
288 smtp-25 = (TCPReverseProxyRoute [ 25 ] [ "localhost:1025" ]);
289 smtp-465 = (TCPReverseProxyRoute [ 465 ] [ "localhost:1465" ]);
290 smtp-587 = (TCPReverseProxyRoute [ 587 ] [ "localhost:1587" ]);
291 };
292 };
293 };
294}