mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 12:29:19 -08:00
41 lines
1.1 KiB
Nix
41 lines
1.1 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit (config.services) nginx tautulli ombi sonarr radarr bazarr lidarr readarr prowlarr cloudflared;
|
|
inherit (lib.modules) mkMerge;
|
|
inherit (lib.attrsets) mapAttrs' nameValuePair;
|
|
in {
|
|
sops.secrets.cloudflare_mediabox_tunnel = {
|
|
owner = cloudflared.user;
|
|
};
|
|
|
|
services.cloudflared = let
|
|
tunnelId = "6a3c1863-d879-462f-b5d5-7c6ddf476d0e";
|
|
ingressPorts = {
|
|
tautulli = tautulli.port;
|
|
ombi = ombi.port;
|
|
sonarr = sonarr.port;
|
|
radarr = radarr.port;
|
|
bazarr = bazarr.listenPort;
|
|
lidarr = lidarr.port;
|
|
readarr = readarr.port;
|
|
prowlarr = prowlarr.port;
|
|
};
|
|
ingress = mapAttrs' (name: port:
|
|
nameValuePair "${name}.${config.networking.domain}" {
|
|
service = "http://localhost:${toString port}";
|
|
})
|
|
ingressPorts;
|
|
in {
|
|
tunnels.${tunnelId} = {
|
|
default = "http_status:404";
|
|
credentialsFile = config.sops.secrets.cloudflare_mediabox_tunnel.path;
|
|
ingress = mkMerge [
|
|
ingress
|
|
(nginx.virtualHosts.deluge.proxied.cloudflared.getIngress {})
|
|
];
|
|
};
|
|
};
|
|
}
|