move caddy to server
This commit is contained in:
parent
40950c647d
commit
1536dd001c
4 changed files with 22 additions and 15 deletions
2
Makefile
2
Makefile
|
|
@ -6,4 +6,4 @@ rebuild-pi:
|
||||||
NIX_SSHOPTS="-o IdentitiesOnly=yes -i ~/.ssh/id_rsa" nixos-rebuild switch --flake .#pi --target-host pi --build-host server --use-remote-sudo
|
NIX_SSHOPTS="-o IdentitiesOnly=yes -i ~/.ssh/id_rsa" nixos-rebuild switch --flake .#pi --target-host pi --build-host server --use-remote-sudo
|
||||||
|
|
||||||
deploy-server:
|
deploy-server:
|
||||||
nixos-rebuild switch --flake .#server --target-host server --build-host server --use-remote-sudo
|
nixos-rebuild switch --flake .#server --target-host server --build-host server --use-remote-sudo --ask-sudo-password
|
||||||
|
|
|
||||||
|
|
@ -44,11 +44,9 @@ in {
|
||||||
firewall.allowedTCPPorts = [80 443];
|
firewall.allowedTCPPorts = [80 443];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.caddy = {
|
services.pihole-ftl = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."mealie.polensky.me".extraConfig = ''
|
openFirewallDHCP = true;
|
||||||
reverse_proxy http://192.168.1.242:9000
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.prometheus.exporters = {
|
services.prometheus.exporters = {
|
||||||
|
|
@ -73,7 +71,7 @@ in {
|
||||||
users."${user}" = {
|
users."${user}" = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
#hashedPasswordFile = config.sops.secrets.pi_user_pass.path;
|
#hashedPasswordFile = config.sops.secrets.pi_user_pass.path;
|
||||||
extraGroups = ["wheel" "docker"];
|
extraGroups = ["wheel" "pihole"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,13 @@ in {
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
|
services.caddy = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts."mealie.polensky.me".extraConfig = ''
|
||||||
|
reverse_proxy http://127.0.0.1:9000
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
# observability
|
# observability
|
||||||
services = {
|
services = {
|
||||||
grafana = {
|
grafana = {
|
||||||
|
|
@ -41,12 +48,12 @@ in {
|
||||||
{
|
{
|
||||||
job_name = "node-exporters-lan";
|
job_name = "node-exporters-lan";
|
||||||
static_configs = [
|
static_configs = [
|
||||||
{
|
#{
|
||||||
targets = ["192.168.1.241:9100"];
|
# targets = ["192.168.1.241:9100"];
|
||||||
labels = {
|
# labels = {
|
||||||
instance = "pi";
|
# instance = "pi";
|
||||||
};
|
# };
|
||||||
}
|
#}
|
||||||
{
|
{
|
||||||
targets = ["127.0.0.1:9100"];
|
targets = ["127.0.0.1:9100"];
|
||||||
labels = {
|
labels = {
|
||||||
|
|
@ -94,6 +101,8 @@ in {
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "server";
|
hostName = "server";
|
||||||
firewall.allowedTCPPorts = [
|
firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
9090 # prometheus
|
9090 # prometheus
|
||||||
3000 # grafana
|
3000 # grafana
|
||||||
8096 # jellyfin
|
8096 # jellyfin
|
||||||
|
|
|
||||||
6
flake.lock
generated
6
flake.lock
generated
|
|
@ -193,11 +193,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1747744144,
|
"lastModified": 1752480373,
|
||||||
"narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=",
|
"narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f",
|
"rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue