vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ditched traefik for npm

Browse Source
This commit is contained in:
Menno van Leeuwen 2024-11-16 00:15:26 +01:00
parent 1e73386dca
commit 0270ac41bd
Signed by: vleeuwenmenno
SSH Key Fingerprint: SHA256:OJFmjANpakwD3F2Rsws4GLtbdz1TJ5tkQF0RZmF0TRE
6 changed files with 86 additions and 169 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/nixos/docker/default.nix
View File

@ -9,7 +9,7 @@
./gitea.nix ./gitea.nix
./golink.nix ./golink.nix
./plex.nix ./plex.nix
./upnp.nix ./nginx-proxy-manager.nix
]; ];
} }
# TODO: Import all the package modules, disabled for testing one by one. # TODO: Import all the package modules, disabled for testing one by one.

19
config/nixos/docker/nginx-proxy-manager.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, pkgs, ... }:
{
environment.etc."docker/nginx-proxy-manager/docker-compose.yml".source = ./nginx-proxy-manager/docker-compose.yml;
environment.etc."docker/nginx-proxy-manager/.env".source = ./nginx-proxy-manager/.env;
systemd.services.nginx-proxy-manager = {
description = "nginx-proxy-manager Docker Compose Service";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = {
ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/nginx-proxy-manager/docker-compose.yml up";
ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/nginx-proxy-manager/docker-compose.yml down";
WorkingDirectory = "/etc/docker/nginx-proxy-manager";
Restart = "always";
RestartSec = 10;
};
wantedBy = [ "multi-user.target" ];
};
}

66
config/nixos/docker/nginx-proxy-manager/docker-compose.yml Normal file
View File

@ -0,0 +1,66 @@
name: nginx-proxy-manager
services:
upnp:
image: ghcr.io/vleeuwenmenno/auto-upnp:latest
restart: unless-stopped
network_mode: host
environment:
UPNP_DURATION: 86400 # 24 hours in seconds
PORTS: |
[
{"port": 80, "protocol": "tcp"},
{"port": 443, "protocol": "tcp"}
]
server:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
- '80:80'
- '81:81'
- '443:443'
environment:
- PUID=1000
- PGID=1000
volumes:
- /mnt/services/proxy/nginx-proxy-manager/data:/data
- /mnt/services/proxy/nginx-proxy-manager/data/letsencrypt:/etc/letsencrypt
- /mnt/services/proxy/nginx/snippets:/snippets:ro
authelia:
container_name: authelia
image: authelia/authelia
restart: unless-stopped
ports:
- 9091:9091
volumes:
- /mnt/services/proxy/authelia/config:/config:ro
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
redis:
image: redis:alpine
container_name: redis
volumes:
- /mnt/services/proxy/redis:/data
expose:
- 6379
restart: unless-stopped
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
postgres:
environment:
- PUID=1000
- PGID=1000
- POSTGRES_DB=authelia
- POSTGRES_USER=authelia
- POSTGRES_PASSWORD=authelia
image: postgres:15.4-alpine
restart: unless-stopped
volumes:
- /mnt/services/proxy/postgres:/var/lib/postgresql/data

19
config/nixos/docker/upnp.nix
View File

@ -1,19 +0,0 @@
{ config, pkgs, ... }:
{
environment.etc."docker/upnp/docker-compose.yml".source = ./upnp/docker-compose.yml;
systemd.services.upnp = {
description = "UPnP Docker Compose Service";
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
serviceConfig = {
ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/upnp/docker-compose.yml up";
ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f /etc/docker/upnp/docker-compose.yml down";
WorkingDirectory = "/etc/docker/upnp";
Restart = "always";
RestartSec = 10;
};
wantedBy = [ "multi-user.target" ];
};
}

13
config/nixos/docker/upnp/docker-compose.yml
View File

@ -1,13 +0,0 @@
name: upnp
services:
service:
image: ghcr.io/vleeuwenmenno/auto-upnp:latest
restart: unless-stopped
network_mode: host
environment:
UPNP_DURATION: 86400 # 24 hours in seconds
PORTS: |
[
{"port": 80, "protocol": "tcp"},
{"port": 443, "protocol": "tcp"}
]

136
config/nixos/packages/server/traefik.nix
View File

@ -1,136 +0,0 @@
{ pkgs, ... }:
{
services.traefik = {
enable = true;
staticConfigOptions = {
entryPoints = {
web.address = ":80";
websecure.address = ":443";
traefik.address = ":18080";
};
api = {
dashboard = true;
insecure = true;
};
log = {
level = "DEBUG";
};
certificatesResolvers.letsencrypt.acme = {
email = "menno@vleeuwen.me";
storage = "/var/lib/traefik/acme.json";
httpChallenge.entryPoint = "web";
};
};
dynamicConfigOptions = {
http = {
# Plex Media Server
routers.plex = {
rule = "Host(`plex.vleeuwen.me`)";
service = "plex";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.plex.loadBalancer.servers = [ { url = "http://127.0.0.1:32400"; } ];
# Tautulli (Plex Stats)
routers.tautulli = {
rule = "Host(`tautulli.vleeuwen.me`)";
service = "tautulli";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.tautulli.loadBalancer.servers = [ { url = "http://127.0.0.1:8181"; } ];
# Jellyfin
routers.jellyfin = {
rule = "Host(`jellyfin.vleeuwen.me`)";
service = "jellyfin";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.jellyfin.loadBalancer.servers = [ { url = "http://127.0.0.1:8096"; } ];
# Overseerr
routers.overseerr = {
rule = "Host(`overseerr.vleeuwen.me`)";
service = "overseerr";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.overseerr.loadBalancer.servers = [ { url = "http://127.0.0.1:5555"; } ];
# Immich (Google Photos alternative)
routers.immich = {
rule = "Host(`photos.vleeuwen.me`)";
service = "immich";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.immich.loadBalancer.servers = [ { url = "http://127.0.0.1:2283"; } ];
# Gitea Git Server
routers.gitea = {
rule = "Host(`git.mvl.sh`)";
service = "gitea";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.gitea.loadBalancer.servers = [ { url = "http://127.0.0.1:3030"; } ];
# Home Assistant
routers.homeassistant = {
rule = "Host(`home.vleeuwen.me`)";
service = "homeassistant";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.homeassistant.loadBalancer.servers = [ { url = "http://192.168.86.254:8123"; } ];
# InfluxDB for Home Assistant
routers.influxdb = {
rule = "Host(`influxdb.vleeuwen.me`)";
service = "influxdb";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.influxdb.loadBalancer.servers = [ { url = "http://192.168.86.254:8086"; } ];
# Bluemap for Minecraft
routers.bluemap = {
rule = "Host(`map.mvl.sh`)";
service = "bluemap";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.bluemap.loadBalancer.servers = [ { url = "http://127.0.0.1:3456"; } ];
# Factorio Server Manager
routers.factorio = {
rule = "Host(`fsm.mvl.sh`)";
service = "factorio";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.factorio.loadBalancer.servers = [ { url = "http://127.0.0.1:5080"; } ];
# Resume/CV Website
routers.personal-site = {
rule = "Host(`mennovanleeuwen.nl`)";
service = "personal-site";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.personal-site.loadBalancer.servers = [ { url = "http://127.0.0.1:4203"; } ];
# Duplicati Notification Server
routers.duplicati-notif = {
rule = "Host(`duplicati-notifications.mvl.sh`)";
service = "duplicati-notif";
entryPoints = [ "websecure" ];
tls.certResolver = "letsencrypt";
};
services.duplicati-notif.loadBalancer.servers = [ { url = "http://127.0.0.1:5334"; } ];
};
};
};
}