bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update(hosts): Unify hosts

Browse source
This commit is contained in:
Filippo Berto 2025-11-02 19:23:27 +01:00
parent f4db960b46
commit e9286c25ab
No known key found for this signature in database
GPG key ID: F1D17F9BCEC62FBC
9 changed files with 38 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

26
hosts.nix
View file

@ -1,23 +1,23 @@
{ {
public.ipv4 = { public.ipv4 = {
"baldur.bertof.net" = "51.195.90.205"; "baldur.bertof.net" = "92.222.35.171";
}; };
tailscale = { tailscale = {
ipv4 = { ipv4 = {
"baldur.tsn" = "100.102.112.86"; "baldur" = "100.102.112.86";
"freya.tsn" = "100.127.35.70"; "freya" = "100.127.35.70";
"heimdall.tsn" = "100.80.122.7"; "heimdall" = "100.80.122.7";
"loki.tsn" = "100.122.147.23"; "loki" = "100.122.147.23";
"odin.tsn" = "100.76.178.8"; "odin" = "100.76.178.8";
"thor.tsn" = "100.76.98.36"; "thor" = "100.76.98.36";
}; };
ipv6 = { ipv6 = {
"baldur.tsn" = "fd7a:115c:a1e0::f01:7067"; "baldur" = "fd7a:115c:a1e0::f01:7067";
"freya.tsn" = "fd7a:115c:a1e0::f87f:2346"; "freya" = "fd7a:115c:a1e0::f87f:2346";
"heimdall.tsn" = "fd7a:115c:a1e0::4e01:7a07"; "heimdall" = "fd7a:115c:a1e0::4e01:7a07";
"loki.tsn" = "fd7a:115c:a1e0::383a:9317"; "loki" = "fd7a:115c:a1e0::383a:9317";
"odin.tsn" = "fd7a:115c:a1e0::4b4c:b208"; "odin" = "fd7a:115c:a1e0::4b4c:b208";
"thor.tsn" = "fd7a:115c:a1e0::7ecc:6224"; "thor" = "fd7a:115c:a1e0::7ecc:6224";
}; };
}; };
# zerotier = { # zerotier = {

26
instances/baldur/configuration.nix
View file

@ -112,7 +112,7 @@
}; };
"home-assistant.bertof.net" = ssl // { "home-assistant.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://odin.tsn:8123/"; proxyPass = "http://odin:8123/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
extraConfig = '' extraConfig = ''
@ -123,7 +123,7 @@
}; };
"s3.bertof.net" = ssl // { "s3.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:9000/"; proxyPass = "http://heimdall:9000/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
extraConfig = '' extraConfig = ''
@ -138,7 +138,7 @@
}; };
"hass.bertof.net" = ssl // { "hass.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:8123/"; proxyPass = "http://heimdall:8123/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
extraConfig = '' extraConfig = ''
@ -150,7 +150,7 @@
"immich.bertof.net" = ssl // { "immich.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:2283"; proxyPass = "http://heimdall:2283";
proxyWebsockets = true; proxyWebsockets = true;
recommendedProxySettings = true; recommendedProxySettings = true;
extraConfig = '' extraConfig = ''
@ -164,7 +164,7 @@
}; };
"git.bertof.net" = ssl // { "git.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:3000"; proxyPass = "http://heimdall:3000";
proxyWebsockets = true; proxyWebsockets = true;
recommendedProxySettings = true; recommendedProxySettings = true;
extraConfig = '' extraConfig = ''
@ -179,7 +179,7 @@
# "ntfy.bertof.net" = ssl // { # "ntfy.bertof.net" = ssl // {
# locations."/" = { # locations."/" = {
# proxyPass = "http://heimdall.tsn:7080/"; # proxyPass = "http://heimdall:7080/";
# proxyWebsockets = true; # proxyWebsockets = true;
# extraConfig = '' # extraConfig = ''
# client_max_body_size 5g; # client_max_body_size 5g;
@ -188,7 +188,7 @@
# }; # };
"my-nextcloud.bertof.net" = ssl // { "my-nextcloud.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:80/"; proxyPass = "http://heimdall:80/";
proxyWebsockets = true; proxyWebsockets = true;
extraConfig = '' extraConfig = ''
client_max_body_size 5g; client_max_body_size 5g;
@ -198,7 +198,7 @@
}; };
# "grafana.bertof.net" = ssl // { # "grafana.bertof.net" = ssl // {
# locations."/" = { # locations."/" = {
# proxyPass = "http://heimdall.tsn:3000/"; # proxyPass = "http://heimdall:3000/";
# proxyWebsockets = true; # proxyWebsockets = true;
# extraConfig = '' # extraConfig = ''
# client_max_body_size 5g; # client_max_body_size 5g;
@ -207,25 +207,25 @@
# }; # };
"radarr.bertof.net" = ssl // { "radarr.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:7878/"; proxyPass = "http://heimdall:7878/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
"sonarr.bertof.net" = ssl // { "sonarr.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:8989/"; proxyPass = "http://heimdall:8989/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
"lidarr.bertof.net" = ssl // { "lidarr.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:8686/"; proxyPass = "http://heimdall:8686/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
"ombi.bertof.net" = ssl // { "ombi.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:5000/"; proxyPass = "http://heimdall:5000/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
@ -237,7 +237,7 @@
# }; # };
"jellyfin.bertof.net" = ssl // { "jellyfin.bertof.net" = ssl // {
locations."/" = { locations."/" = {
proxyPass = "http://heimdall.tsn:8096/"; proxyPass = "http://heimdall:8096/";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };

2
instances/freya/configuration.nix
View file

@ -126,7 +126,7 @@ in
http = { http = {
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ trusted_proxies = [
hosts.tailscale.ipv4."baldur.tsn" hosts.tailscale.ipv4."baldur"
"::1" "::1"
"127.0.0.1" "127.0.0.1"
]; ];

2
instances/heimdall/configuration.nix
View file

@ -211,7 +211,7 @@ in
http = { http = {
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ trusted_proxies = [
hosts.tailscale.ipv4."baldur.tsn" hosts.tailscale.ipv4."baldur"
"::1" "::1"
"127.0.0.1" "127.0.0.1"
]; ];

2
instances/loki/configuration.nix
View file

@ -273,7 +273,7 @@ in
http = { http = {
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ trusted_proxies = [
hosts.tailscale.ipv4."baldur.tsn" hosts.tailscale.ipv4."baldur"
"::1" "::1"
"127.0.0.1" "127.0.0.1"
]; ];

2
instances/odin/configuration.nix
View file

@ -216,7 +216,7 @@ in
http = { http = {
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ trusted_proxies = [
hosts.tailscale.ipv4."baldur.tsn" hosts.tailscale.ipv4."baldur"
"::1" "::1"
"127.0.0.1" "127.0.0.1"
]; ];

2
nixos/basics/distributed.nix
View file

@ -3,7 +3,7 @@
nix.settings = { nix.settings = {
# extra-substituters = [ # extra-substituters = [
# "https://hyprland.cachix.org" # "https://hyprland.cachix.org"
# "s3://nix-cache?endpoint=heimdall.tsn:9000&scheme=http&parallel-compression=true&want-mass-query=true&priority=35" # "s3://nix-cache?endpoint=heimdall:9000&scheme=http&parallel-compression=true&want-mass-query=true&priority=35"
# # "s3://nix-cache?endpoint=s3.bertof.net" # # "s3://nix-cache?endpoint=s3.bertof.net"
# ]; # ];

5
nixos/garage.nix
View file

@ -1,4 +1,5 @@
{ pkgs, config, ... }: { { pkgs, config, ... }:
let hosts = import ../hosts.nix; in {
users.groups.garage = { }; users.groups.garage = { };
users.users.garage = { isSystemUser = true; group = "garage"; }; users.users.garage = { isSystemUser = true; group = "garage"; };
age.secrets.garage_rpc_secret = { age.secrets.garage_rpc_secret = {
@ -27,7 +28,7 @@
rpc_bind_addr = "0.0.0.0:3901"; rpc_bind_addr = "0.0.0.0:3901";
bootstrap_peers = [ ]; bootstrap_peers = [ ];
rpc_public_addr = "heimdall.tsn:3901"; rpc_public_addr = "${hosts.tailscale.ipv4.${config.networking.hostName}}:3901";
s3_api = { s3_api = {
api_bind_addr = "0.0.0.0:3900"; api_bind_addr = "0.0.0.0:3900";

8
nixos/nextcloud.nix
View file

@ -62,15 +62,15 @@ in
"OC\\Preview\\EMF" "OC\\Preview\\EMF"
]; ];
trusted_proxies = [ trusted_proxies = [
hosts.tailscale.ipv4."baldur.tsn" hosts.tailscale.ipv4."baldur"
hosts.tailscale.ipv6."baldur.tsn" hosts.tailscale.ipv6."baldur"
]; ];
trusted_domains = [ "heimdall.tsn" "heimdall" ]; trusted_domains = [ "heimdall" "heimdall" ];
# overwriteprotocol = "http"; # overwriteprotocol = "http";
}; };
config = { config = {
dbtype = "pgsql"; dbtype = "pgsql";
# extraTrustedDomains = [ "freya.tsn" ]; # extraTrustedDomains = [ "freya" ];
adminpassFile = config.age.secrets.nextcloud_admin_secret.path; adminpassFile = config.age.secrets.nextcloud_admin_secret.path;
objectstore.s3 = { objectstore.s3 = {
enable = true; enable = true;