let acmeLabel = "Acme"; caddyLabel = "Caddy"; castLabel = "Castopod"; forgejoLabel = "Forgejo"; jellyfinLabel = "Jellyfin"; mastodonLabel = "Mastodon"; matrixLabel = "Matrix"; minecraftLabel = "Minecraft"; nextcloudLabel = "Nextcloud"; ollamaLabel = "Ollama"; peertubeLabel = "PeerTube"; postgresLabel = "PostgreSQL"; sambaLabel = "Samba"; syncthingLabel = "Syncthing"; synologyLabel = "Synology"; vaultwardenLabel = "Vaultwarden"; writefreelyLabel = "WriteFreely"; acmeName = "acme"; caddyName = "caddy"; castName = "castopod"; forgejoName = "forgejo"; jellyfinName = "jellyfin"; mastodonName = "mastodon"; matrixName = "matrix"; minecraftName = "minecraft"; nextcloudName = "nextcloud"; ollamaName = "ollama"; peertubeName = "peertube"; postgresName = "postgres"; sambaName = "samba"; syncthingName = "syncthing"; synologyName = "synology"; vaultwardenName = "vaultwarden"; writefreelyName = "writefreely"; domain0 = "cloudbert.fun"; domain1 = "the-nutrivore.social"; servicePath = "/mnt/media/NAS1"; sops = "/var/lib/secrets"; sslPath = "/var/lib/acme"; in { instance = { acme = { label = acmeLabel; name = acmeName; paths = { path0 = sslPath; }; sops = { path0 = "${sops}/${acmeName}"; }; }; caddy = { label = caddyLabel; name = caddyName; sops = { path0 = "${sops}/${caddyName}"; }; ports = { port0 = 80; port1 = 443; }; }; castopod = let castDomain = "podcast"; in { label = castLabel; name = castName; sops = { path0 = "${sops}/${castName}"; }; subdomain = castDomain; paths = { path0 = "${servicePath}/${castLabel}"; }; ports = { port0 = 8000; }; ssl = { cert = "${sslPath}/${castDomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${castDomain}.${domain1}/key.pem"; }; }; forgejo = let forgejoDomain = "source"; in { label = forgejoLabel; name = forgejoName; sops = { path0 = "${sops}/${forgejoName}"; }; subdomain = forgejoDomain; paths = { path0 = "${servicePath}/${forgejoLabel}"; }; ports = { port0 = 3000; }; ssl = { cert = "${sslPath}/${forgejoDomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${forgejoDomain}.${domain1}/key.pem"; }; }; jellyfin = { label = jellyfinLabel; name = jellyfinName; sops = { path0 = "${sops}/${jellyfinName}"; }; subdomain = jellyfinName; paths = { path0 = "${servicePath}/${jellyfinLabel}"; }; ports = { port0 = 5055; # Jellyseer port1 = 8096; # Jellyfin HTTP port2 = 8920; # Jellyfin HTTPS }; ssl = { cert = "${sslPath}/${jellyfinName}.${domain0}/fullchain.pem"; key = "${sslPath}/${jellyfinName}.${domain0}/key.pem"; }; }; matrix = { label = matrixLabel; name = matrixName; sops = { path0 = "${sops}/${matrixName}"; }; subdomain = matrixName; paths = { path0 = "${servicePath}/${matrixLabel}"; path1 = ""; path2 = ""; }; }; mastodon = { label = mastodonLabel; name = mastodonName; sops = { path0 = "${sops}/${mastodonName}"; }; paths = { path0 = "${servicePath}/${mastodonLabel}"; path1 = ""; path2 = ""; }; ssl = { cert = "${sslPath}/${domain1}/fullchain.pem"; key = "${sslPath}/${domain1}/key.pem"; }; }; minecraft = { label = minecraftLabel; name = minecraftName; sops = { path0 = "${sops}/${minecraftName}"; }; subdomain = minecraftName; paths = { path0 = "${servicePath}/${minecraftLabel}"; }; ports = { port0 = 43000; # Minecraft (Brix on Nix) }; ssl = { cert = "${sslPath}/${minecraftName}.${domain0}/fullchain.pem"; key = "${sslPath}/${minecraftName}.${domain0}/key.pem"; }; }; nextcloud = { label = nextcloudLabel; name = nextcloudName; sops = { path0 = "${sops}/${nextcloudName}"; }; subdomain = nextcloudName; paths = { path0 = "${servicePath}/${nextcloudLabel}"; }; ports = { port0 = 8354; # Nextcloud }; ssl = { cert = "${sslPath}/${nextcloudName}.${domain0}/fullchain.pem"; key = "${sslPath}/${nextcloudName}.${domain0}/key.pem"; }; }; nginx = { ports = { port0 = 8080; # HTTP port1 = 8443; # HTTPS }; }; ollama = { label = ollamaLabel; name = ollamaName; sops = { path0 = "${sops}/${ollamaName}"; }; subdomain = ollamaName; paths = { path0 = "${servicePath}/${ollamaLabel}"; path1 = "/mnt/media/storage/${ollamaName}"; }; ports = { port0 = 8088; # Open-WebUI (Ollama Front End) port1 = 11434; # Ollama API }; ssl = { cert = "${sslPath}/${ollamaName}.${domain0}/fullchain.pem"; key = "${sslPath}/${ollamaName}.${domain0}/key.pem"; }; }; peertube = { label = peertubeLabel; name = peertubeName; sops = { path0 = "${sops}/${peertubeName}"; }; subdomain = "video"; paths = { path0 = "${servicePath}/${peertubeLabel}"; }; ports = { port0 = 9000; # HTTP port1 = 1935; port2 = 1936; port3 = 5432; port4 = 52800; }; ssl = { cert = "${sslPath}/video.${domain1}/fullchain.pem"; key = "${sslPath}/video.${domain1}/key.pem"; }; }; postgresql = { label = postgresLabel; name = postgresName; sops = { path0 = "${sops}/${postgresName}"; }; paths = { path0 = "${servicePath}/${postgresLabel}"; }; ports = { port0 = 5432; }; }; samba = { label = sambaLabel; name = sambaName; sops = { path0 = "${sops}/${sambaName}"; }; paths = { path0 = "${servicePath}/${jellyfinLabel}"; path1 = ""; path2 = ""; }; ports = { port0 = 445; # Samba }; }; synology = { label = synologyLabel; name = synologyName; sops = { path0 = "${sops}/${synologyName}"; }; ports = { port0 = 5001; # Synology HTTPS }; }; syncthing = { label = syncthingLabel; name = syncthingName; sops = { path0 = "${sops}/${syncthingName}"; }; subdomain = syncthingName; ports = { port0 = 8388; # Syncthing (WebUI) port1 = 21027; # Syncthing (Discovery) port2 = 22000; # Syncthing (Transfer) }; ssl = { cert = "${sslPath}/${syncthingName}.${domain0}/fullchain.pem"; key = "${sslPath}/${syncthingName}.${domain0}/key.pem"; }; }; vaultwarden = { label = vaultwardenLabel; name = vaultwardenName; sops = { path0 = "${sops}/${vaultwardenName}"; }; subdomain = vaultwardenName; paths = { path0 = "${servicePath}/${vaultwardenLabel}/BackupDir"; }; ports = { port0 = 8085; # Vaultwarden WebUI }; ssl = { cert = "${sslPath}/${vaultwardenName}.${domain0}/fullchain.pem"; key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem"; }; }; writefreely = let writefreelyDomain = "blog"; in { label = writefreelyLabel; name = writefreelyName; sops = { path0 = "${sops}/${writefreelyName}"; }; subdomain = writefreelyDomain; paths = { path0 = "${servicePath}/${writefreelyLabel}/BackupDir"; }; ports = { port0 = 8093; }; ssl = { cert = "${sslPath}/${writefreelyDomain}.${domain0}/fullchain.pem"; key = "${sslPath}/${writefreelyDomain}.${domain0}/key.pem"; }; }; }; }