Replace Caddy with Newt service config

- Remove Caddy config files for multiple hosts - Add Newt service configuration to cloud, komo, and sock
2025-06-14 01:18:26 -04:00 · 2025-06-14 01:18:26 -04:00 · f62a612758
commit f62a612758
parent 39f0026f52
8 changed files with 22 additions and 161 deletions
--- a/hosts/x86/cloud/config/caddy.nix
+++ b/hosts/x86/cloud/config/caddy.nix
@ -1,20 +0,0 @@
-{
-  services.caddy = {
-    enable = true;
-    virtualHosts = {
-      ## Filerun ##
-      "drive.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy http://localhost:8181 {
-            header_up Host {host}
-            # header_up X-Forwarded-For {remote}
-            # header_up X-Forwarded-Proto {scheme}
-            # header_up X-Forwarded-Protocol {scheme}
-            # header_up X-Forwarded-Port {server_port}
-          }
-        '';
-      };
-    };
-  };
-}
--- a/hosts/x86/cloud/config/newt.nix
+++ b/hosts/x86/cloud/config/newt.nix
@ -0,0 +1,7 @@
+{
+  services.newt = {
+    enable = true;
+    id = "v0d4o5oras85zq8";
+    secret = "zyqht58kymdv4iij6t4no4ldnr7djg7wbfec95olnsg8jzf2";
+  };
+}
--- a/hosts/x86/cloud/default.nix
+++ b/hosts/x86/cloud/default.nix
@ -31,7 +31,6 @@ in
      "hosts/global/core"

      ## Optional Configs ##
-      "hosts/global/common/acme"
      "hosts/global/common/docker.nix"
    ])
  ];
--- a/hosts/x86/komo/config/caddy.nix
+++ b/hosts/x86/komo/config/caddy.nix
@ -1,119 +0,0 @@
-{
-  services.caddy = {
-    enable = true;
-    virtualHosts = {
-
-      ## TOPH.CC ##
-
-      "blog.toph.cc" = {
-        useACMEHost = "toph.cc";
-        extraConfig = ''
-          reverse_proxy localhost:2368
-        '';
-      };
-
-      ## RYOT.FOO ##
-
-      "auth.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:9000 {
-            header_up Host {host}
-            header_up X-Forwarded-For {remote}
-            header_up X-Forwarded-Proto {scheme}
-            header_up X-Forwarded-Protocol {scheme}
-            header_up X-Forwarded-Port {server_port}
-          }
-        '';
-      };
-
-      "frp.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          route {
-            # 1) Proxy all outpost requests back to Authentik
-            reverse_proxy /outpost.goauthentik.io/* localhost:9000
-
-            # 2) Protect everything else via forward_auth
-            forward_auth localhost:9000 {
-              uri     /outpost.goauthentik.io/auth/caddy
-              # copy user info headers from Authentik
-              copy_headers  X-Authentik-Username X-Authentik-Groups \
-                            X-Authentik-Entitlements X-Authentik-Email \
-                            X-Authentik-Name X-Authentik-Uid \
-                            X-Authentik-Jwt X-Authentik-Meta-Jwks \
-                            X-Authentik-Meta-Outpost X-Authentik-Meta-Provider \
-                            X-Authentik-Meta-App X-Authentik-Meta-Version
-              trusted_proxies private_ranges
-            }
-
-            # 3) If authenticated, proxy to your FRP UI
-            reverse_proxy localhost:4041 {
-              header_up Host             {host}
-              header_up X-Real-IP         {remote}
-              header_up X-Forwarded-For   {remote}
-              header_up X-Forwarded-Proto {scheme}
-              header_up X-Forwarded-Port  {server_port}
-            }
-          }
-        '';
-      };
-
-      "grafana.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:3001
-        '';
-      };
-
-      "git.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:3003
-        '';
-      };
-
-      "influx.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:8086
-        '';
-      };
-
-      "home.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:7475
-        '';
-      };
-
-      "komodo.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:9120
-        '';
-      };
-
-      "map.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:25566
-        '';
-      };
-
-      "outline.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:3480 
-        '';
-      };
-
-      "plane.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:3000 
-        '';
-      };
-    };
-  };
-}
--- a/hosts/x86/komo/config/newt.nix
+++ b/hosts/x86/komo/config/newt.nix
@ -0,0 +1,8 @@
+{
+  services.newt = {
+    enable = true;
+    id = "7o2m62kaxpoi5pb";
+    secret = "t97xvz0itdkga6jr8x88oddxijzs73yslpsunlvyqu9xiyys";
+    useHostNetwork = true;
+  };
+}
--- a/hosts/x86/sock/config/caddy.nix
+++ b/hosts/x86/sock/config/caddy.nix
@ -1,20 +0,0 @@
-{
-  services.caddy = {
-    enable = true;
-    virtualHosts = {
-      "upsnap.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:8090
-        '';
-      };
-
-      "sock.ryot.foo" = {
-        useACMEHost = "ryot.foo";
-        extraConfig = ''
-          reverse_proxy localhost:9120
-        '';
-      };
-    };
-  };
-}
--- a/hosts/x86/sock/config/newt.nix
+++ b/hosts/x86/sock/config/newt.nix
@ -0,0 +1,7 @@
+{
+  services.newt = {
+    enable = true;
+    id = "3p15lzqz0ep9f46";
+    secret = "8uz056bzh22vuemtsxda31ibiu7jkqmyn1b7bifbqk38nlm4";
+  };
+}
--- a/hosts/x86/sock/default.nix
+++ b/hosts/x86/sock/default.nix
@ -31,7 +31,6 @@ in
      "hosts/global/core"

      ## Optional Configs ##
-      "hosts/global/common/acme"
      "hosts/global/common/docker.nix"
    ])
  ];