update(hosts): Unify hosts

hosts.nix

@@ -1,23 +1,23 @@
 {
   public.ipv4 = {
-    "baldur.bertof.net" = "51.195.90.205";
+    "baldur.bertof.net" = "92.222.35.171";
   };
   tailscale = {
     ipv4 = {
-      "baldur.tsn" = "100.102.112.86";
-      "freya.tsn" = "100.127.35.70";
-      "heimdall.tsn" = "100.80.122.7";
-      "loki.tsn" = "100.122.147.23";
-      "odin.tsn" = "100.76.178.8";
-      "thor.tsn" = "100.76.98.36";
+      "baldur" = "100.102.112.86";
+      "freya" = "100.127.35.70";
+      "heimdall" = "100.80.122.7";
+      "loki" = "100.122.147.23";
+      "odin" = "100.76.178.8";
+      "thor" = "100.76.98.36";
     };
     ipv6 = {
-      "baldur.tsn" = "fd7a:115c:a1e0::f01:7067";
-      "freya.tsn" = "fd7a:115c:a1e0::f87f:2346";
-      "heimdall.tsn" = "fd7a:115c:a1e0::4e01:7a07";
-      "loki.tsn" = "fd7a:115c:a1e0::383a:9317";
-      "odin.tsn" = "fd7a:115c:a1e0::4b4c:b208";
-      "thor.tsn" = "fd7a:115c:a1e0::7ecc:6224";
+      "baldur" = "fd7a:115c:a1e0::f01:7067";
+      "freya" = "fd7a:115c:a1e0::f87f:2346";
+      "heimdall" = "fd7a:115c:a1e0::4e01:7a07";
+      "loki" = "fd7a:115c:a1e0::383a:9317";
+      "odin" = "fd7a:115c:a1e0::4b4c:b208";
+      "thor" = "fd7a:115c:a1e0::7ecc:6224";
     };
   };
   # zerotier = {

instances/baldur/configuration.nix

@@ -112,7 +112,7 @@
           };
           "home-assistant.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://odin.tsn:8123/";
+              proxyPass = "http://odin:8123/";
               proxyWebsockets = true;
             };
             extraConfig = ''
@@ -123,7 +123,7 @@
           };
           "s3.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:9000/";
+              proxyPass = "http://heimdall:9000/";
               proxyWebsockets = true;
             };
             extraConfig = ''
@@ -138,7 +138,7 @@
           };
           "hass.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:8123/";
+              proxyPass = "http://heimdall:8123/";
               proxyWebsockets = true;
             };
             extraConfig = ''
@@ -150,7 +150,7 @@
 
           "immich.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:2283";
+              proxyPass = "http://heimdall:2283";
               proxyWebsockets = true;
               recommendedProxySettings = true;
               extraConfig = ''
@@ -164,7 +164,7 @@
           };
           "git.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:3000";
+              proxyPass = "http://heimdall:3000";
               proxyWebsockets = true;
               recommendedProxySettings = true;
               extraConfig = ''
@@ -179,7 +179,7 @@
 
           # "ntfy.bertof.net" = ssl // {
           #   locations."/" = {
-          #     proxyPass = "http://heimdall.tsn:7080/";
+          #     proxyPass = "http://heimdall:7080/";
           #     proxyWebsockets = true;
           #     extraConfig = ''
           #       client_max_body_size 5g;
@@ -188,7 +188,7 @@
           # };
           "my-nextcloud.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:80/";
+              proxyPass = "http://heimdall:80/";
               proxyWebsockets = true;
               extraConfig = ''
                 client_max_body_size 5g;
@@ -198,7 +198,7 @@
           };
           # "grafana.bertof.net" = ssl // {
           #   locations."/" = {
-          #     proxyPass = "http://heimdall.tsn:3000/";
+          #     proxyPass = "http://heimdall:3000/";
           #     proxyWebsockets = true;
           #     extraConfig = ''
           #       client_max_body_size 5g;
@@ -207,25 +207,25 @@
           # };
           "radarr.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:7878/";
+              proxyPass = "http://heimdall:7878/";
               proxyWebsockets = true;
             };
           };
           "sonarr.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:8989/";
+              proxyPass = "http://heimdall:8989/";
               proxyWebsockets = true;
             };
           };
           "lidarr.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:8686/";
+              proxyPass = "http://heimdall:8686/";
               proxyWebsockets = true;
             };
           };
           "ombi.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:5000/";
+              proxyPass = "http://heimdall:5000/";
               proxyWebsockets = true;
             };
           };
@@ -237,7 +237,7 @@
           # };
           "jellyfin.bertof.net" = ssl // {
             locations."/" = {
-              proxyPass = "http://heimdall.tsn:8096/";
+              proxyPass = "http://heimdall:8096/";
               proxyWebsockets = true;
             };
           };

instances/freya/configuration.nix

@@ -126,7 +126,7 @@ in
         http = {
           use_x_forwarded_for = true;
           trusted_proxies = [
-            hosts.tailscale.ipv4."baldur.tsn"
+            hosts.tailscale.ipv4."baldur"
             "::1"
             "127.0.0.1"
           ];

instances/heimdall/configuration.nix

@@ -211,7 +211,7 @@ in
         http = {
           use_x_forwarded_for = true;
           trusted_proxies = [
-            hosts.tailscale.ipv4."baldur.tsn"
+            hosts.tailscale.ipv4."baldur"
             "::1"
             "127.0.0.1"
           ];

instances/loki/configuration.nix

@@ -273,7 +273,7 @@ in
       http = {
         use_x_forwarded_for = true;
         trusted_proxies = [
-          hosts.tailscale.ipv4."baldur.tsn"
+          hosts.tailscale.ipv4."baldur"
           "::1"
           "127.0.0.1"
         ];

instances/odin/configuration.nix

@@ -216,7 +216,7 @@ in
         http = {
           use_x_forwarded_for = true;
           trusted_proxies = [
-            hosts.tailscale.ipv4."baldur.tsn"
+            hosts.tailscale.ipv4."baldur"
             "::1"
             "127.0.0.1"
           ];

nixos/basics/distributed.nix

@@ -3,7 +3,7 @@
   nix.settings = {
     # extra-substituters = [
     #   "https://hyprland.cachix.org"
-    #   "s3://nix-cache?endpoint=heimdall.tsn:9000&scheme=http&parallel-compression=true&want-mass-query=true&priority=35"
+    #   "s3://nix-cache?endpoint=heimdall:9000&scheme=http&parallel-compression=true&want-mass-query=true&priority=35"
     #   # "s3://nix-cache?endpoint=s3.bertof.net"
     # ];
 

nixos/garage.nix

@@ -1,4 +1,5 @@
-{ pkgs, config, ... }: {
+{ pkgs, config, ... }:
+let hosts = import ../hosts.nix; in {
   users.groups.garage = { };
   users.users.garage = { isSystemUser = true; group = "garage"; };
   age.secrets.garage_rpc_secret = {
@@ -27,7 +28,7 @@
       rpc_bind_addr = "0.0.0.0:3901";
       bootstrap_peers = [ ];
 
-      rpc_public_addr = "heimdall.tsn:3901";
+      rpc_public_addr = "${hosts.tailscale.ipv4.${config.networking.hostName}}:3901";
 
       s3_api = {
         api_bind_addr = "0.0.0.0:3900";

nixos/nextcloud.nix

@@ -62,15 +62,15 @@ in
         "OC\\Preview\\EMF"
       ];
       trusted_proxies = [
-        hosts.tailscale.ipv4."baldur.tsn"
-        hosts.tailscale.ipv6."baldur.tsn"
+        hosts.tailscale.ipv4."baldur"
+        hosts.tailscale.ipv6."baldur"
       ];
-      trusted_domains = [ "heimdall.tsn" "heimdall" ];
+      trusted_domains = [ "heimdall" "heimdall" ];
       # overwriteprotocol = "http";
     };
     config = {
       dbtype = "pgsql";
-      # extraTrustedDomains = [ "freya.tsn" ];
+      # extraTrustedDomains = [ "freya" ];
       adminpassFile = config.age.secrets.nextcloud_admin_secret.path;
       objectstore.s3 = {
         enable = true;