From 3d6ab37d93952515c38b090f79d7ae9ea4ed0658 Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Sat, 27 Jan 2024 21:31:47 -0800 Subject: [PATCH] refactor(mediabox): break cloudflared out into a separate file --- systems/mediabox/cloudflared.nix | 28 ++++++++++++++++++++++++++++ systems/mediabox/config.nix | 25 ------------------------- 2 files changed, 28 insertions(+), 25 deletions(-) create mode 100644 systems/mediabox/cloudflared.nix diff --git a/systems/mediabox/cloudflared.nix b/systems/mediabox/cloudflared.nix new file mode 100644 index 00000000..27257dff --- /dev/null +++ b/systems/mediabox/cloudflared.nix @@ -0,0 +1,28 @@ +{config, ...}: let + inherit (config.services) deluge plex tautulli ombi sonarr radarr bazarr lidarr readarr prowlarr cloudflared; +in { + sops.secrets.cloudflare_mediabox_tunnel = { + owner = cloudflared.user; + }; + + services.cloudflared = let + tunnelId = "6a3c1863-d879-462f-b5d5-7c6ddf476d0e"; + inherit (config.networking) domain; + in { + tunnels.${tunnelId} = { + default = "http_status:404"; + credentialsFile = config.sops.secrets.cloudflare_mediabox_tunnel.path; + ingress = { + "tautulli.${domain}".service = "http://localhost:${toString tautulli.port}"; + "ombi.${domain}".service = "http://localhost:${toString ombi.port}"; + "sonarr.${domain}".service = "http://localhost:${toString sonarr.port}"; + "radarr.${domain}".service = "http://localhost:${toString radarr.port}"; + "bazarr.${domain}".service = "http://localhost:${toString bazarr.listenPort}"; + "lidarr.${domain}".service = "http://localhost:${toString lidarr.port}"; + "readarr.${domain}".service = "http://localhost:${toString readarr.port}"; + "prowlarr.${domain}".service = "http://localhost:${toString prowlarr.port}"; + "deluge.${domain}".service = "http://localhost:${toString deluge.web.port}"; + }; + }; + }; +} diff --git a/systems/mediabox/config.nix b/systems/mediabox/config.nix index 1e8bdd34..aef1945a 100644 --- a/systems/mediabox/config.nix +++ b/systems/mediabox/config.nix @@ -48,31 +48,6 @@ _: { nixos.prowlarr ]; - sops.secrets.cloudflare_mediabox_tunnel = { - owner = cloudflared.user; - }; - - services.cloudflared = let - tunnelId = "6a3c1863-d879-462f-b5d5-7c6ddf476d0e"; - inherit (config.networking) domain; - in { - tunnels.${tunnelId} = { - default = "http_status:404"; - credentialsFile = config.sops.secrets.cloudflare_mediabox_tunnel.path; - ingress = { - "tautulli.${domain}".service = "http://localhost:${toString tautulli.port}"; - "ombi.${domain}".service = "http://localhost:${toString ombi.port}"; - "sonarr.${domain}".service = "http://localhost:${toString sonarr.port}"; - "radarr.${domain}".service = "http://localhost:${toString radarr.port}"; - "bazarr.${domain}".service = "http://localhost:${toString bazarr.listenPort}"; - "lidarr.${domain}".service = "http://localhost:${toString lidarr.port}"; - "readarr.${domain}".service = "http://localhost:${toString readarr.port}"; - "prowlarr.${domain}".service = "http://localhost:${toString prowlarr.port}"; - "deluge.${domain}".service = "http://localhost:${toString deluge.web.port}"; - }; - }; - }; - services.mediatomb = { serverName = "tewi"; mediaDirectories = let