From 88d93edc3eec2059304a6e7b32b24adba7fc3f21 Mon Sep 17 00:00:00 2001 From: kat witch Date: Fri, 8 Apr 2022 01:04:55 +0100 Subject: [PATCH] Final changes for HA GA integration --- config/hosts/daiyousei.nix | 1 - config/hosts/yukari.nix | 1 - config/services/access.nix | 26 ++++++++++++++++++++++++++ config/services/daiyousei-access.nix | 24 ------------------------ config/services/ha.nix | 19 ++----------------- config/tf | 2 +- 6 files changed, 29 insertions(+), 44 deletions(-) delete mode 100644 config/services/daiyousei-access.nix diff --git a/config/hosts/daiyousei.nix b/config/hosts/daiyousei.nix index 0d9d0666..ac7580ff 100644 --- a/config/hosts/daiyousei.nix +++ b/config/hosts/daiyousei.nix @@ -18,7 +18,6 @@ services.hedgedoc services.website services.dnscrypt-proxy - services.daiyousei-access services.vaultwarden services.weechat services.znc diff --git a/config/hosts/yukari.nix b/config/hosts/yukari.nix index 0041cbda..80369ab7 100644 --- a/config/hosts/yukari.nix +++ b/config/hosts/yukari.nix @@ -13,7 +13,6 @@ services.tvheadend services.zfs services.plex - services.kubernetes users.arc ]; diff --git a/config/services/access.nix b/config/services/access.nix index 6d188dea..eaf140d4 100644 --- a/config/services/access.nix +++ b/config/services/access.nix @@ -17,8 +17,34 @@ cname = { inherit (config.network.addresses.public) target; }; }; + deploy.tf.dns.records.services_home = { + inherit (config.network.dns) zone; + domain = "home"; + a = { inherit (config.network.addresses.public.tf.ipv4) address; }; + }; + + deploy.tf.dns.records.services_home_v6 = { + inherit (config.network.dns) zone; + domain = "home"; + aaaa = { inherit (config.network.addresses.public.tf.ipv6) address; }; + }; services.nginx.virtualHosts = mkMerge [ { + + "home.${config.network.dns.domain}" = { + forceSSL = true; + enableACME = true; + locations = { + "/" = { + proxyPass = "http://yukari.ygg.kittywit.ch:8123"; + extraConfig = '' + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_http_version 1.1; + ''; + }; + }; + }; "cloud.${config.network.dns.domain}" = { forceSSL = true; enableACME = true; diff --git a/config/services/daiyousei-access.nix b/config/services/daiyousei-access.nix deleted file mode 100644 index 9b772e2f..00000000 --- a/config/services/daiyousei-access.nix +++ /dev/null @@ -1,24 +0,0 @@ - -{ config, lib, meta, ... }: with lib; { - deploy.tf.dns.records.services_home = { - inherit (config.network.dns) zone; - domain = "home"; - a = { inherit (config.network.addresses.public.tf.ipv4) address; }; - }; - - services.nginx.virtualHosts = { - "home.${config.network.dns.domain}" = { - forceSSL = true; - enableACME = true; - locations = { - "/" = { - proxyPass = "http://home.int.kittywit.ch:8123"; - extraConfig = '' - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - ''; - }; - }; - }; - }; -} diff --git a/config/services/ha.nix b/config/services/ha.nix index bd5e2562..2c206765 100644 --- a/config/services/ha.nix +++ b/config/services/ha.nix @@ -11,7 +11,7 @@ "met" "default_config" "cast" - "jellyfin" + "plex" "google" "google_assistant" "google_cloud" @@ -47,21 +47,6 @@ }; }; - deploy.tf.dns.records.services_internal_home = { - inherit (config.network.dns) zone; - domain = "home.int"; - cname = { inherit (config.network.addresses.yggdrasil) target; }; - }; - - services.nginx.virtualHosts."home.kittywit.ch" = { - locations."/" = { - proxyPass = "http://127.0.0.1:8123"; - extraConfig = '' - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - ''; - }; - }; - network.firewall.public.tcp.ports = [ 8123 ]; + network.firewall.private.tcp.ports = [ 8123 ]; } diff --git a/config/tf b/config/tf index a008ca69..0cefe92c 160000 --- a/config/tf +++ b/config/tf @@ -1 +1 @@ -Subproject commit a008ca692a8217c4f52ceac1d40be39f77c9a324 +Subproject commit 0cefe92c06fb4ea84e6af71be67741c0dea70b68