Chris Toph
8999806111
- Remove static host mappings from networking config - Add reverse proxy settings for multiple subdomains - Introduce DNSMASQ configuration with custom DNS records and firewall rules - Update firewall UDP port settings and system stateVersion
65 lines
1.7 KiB
Nix
65 lines
1.7 KiB
Nix
{
|
|
services.caddy = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"cloudflared.ryot.foo" = {
|
|
useACMEHost = "ryot.foo";
|
|
extraConfig = ''
|
|
reverse_proxy localhost:14333
|
|
'';
|
|
};
|
|
|
|
## openWRT ##
|
|
|
|
"wrt.ryot.foo" = {
|
|
useACMEHost = "ryot.foo";
|
|
extraConfig = ''
|
|
reverse_proxy http://104.40.3.1 {
|
|
header_up Host {host}
|
|
header_up X-Real-IP {remote}
|
|
header_up X-Forwarded-For {remote}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
header_up X-Forwarded-Port {server_port}
|
|
}
|
|
'';
|
|
};
|
|
|
|
## PROXMOX NODES ##
|
|
|
|
"ochre.ryot.foo" = {
|
|
useACMEHost = "ryot.foo";
|
|
extraConfig = ''
|
|
reverse_proxy https://104.40.3.2:8006 {
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
# optional: tls_server_name 104.40.3.2
|
|
}
|
|
# ensure Proxmox sees the right Host
|
|
header_up Host {host}
|
|
header_up X-Real-IP {remote}
|
|
header_up X-Forwarded-For {remote}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
header_up X-Forwarded-Port {server_port}
|
|
}
|
|
'';
|
|
};
|
|
|
|
"pve.ryot.foo" = {
|
|
useACMEHost = "ryot.foo";
|
|
extraConfig = ''
|
|
reverse_proxy https://104.40.3.3:8006 {
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
# optional: tls_server_name 104.40.3.3
|
|
}
|
|
header_up Host {host}
|
|
header_up X-Real-IP {remote}
|
|
header_up X-Forwarded-For {remote}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
header_up X-Forwarded-Port {server_port}
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|