let jellyfinLabel = "Jellyfin"; jellyfinName = "jellyfin"; domain0 = "cloudbert.fun"; domain1 = "the-nutrivore.social"; domain2 = "the-nutrivore.com"; servicePath = "/mnt/media/NAS1"; sops = "/var/lib/secrets"; sslPath = "/var/lib/acme"; varLib = "/var/lib"; in { instances = { web = { domains = { url0 = domain0; url1 = domain1; url2 = domain2; }; dns = { provider0 = "namecheap"; }; localhost = { address0 = "127.0.0.1"; # Local address1 = "0.0.0.0"; # All address2 = "192.168.50.1"; # Router address3 = "192.168.50.0"; # Router }; }; acme = let acmeLabel = "Acme"; acmeName = "acme"; in { label = acmeLabel; name = acmeName; paths = { path0 = sslPath; }; sops = { path0 = "${sops}/${acmeName}"; }; }; caddy = let caddyLabel = "Caddy"; caddyName = "caddy"; in { label = caddyLabel; name = caddyName; sops = { path0 = "${sops}/${caddyName}"; }; ports = { port0 = 80; port1 = 443; }; }; castopod = let castopodLabel = "Castopod"; castopodName = "castopod"; castopodSubdomain = "podcast"; in { label = castopodLabel; name = castopodName; email = { address0 = "noreply@${castopodSubdomain}.${domain1}"; }; sops = { path0 = "${sops}/${castopodName}"; }; subdomain = castopodSubdomain; paths = { path0 = "${servicePath}/${castopodLabel}"; }; ports = { port0 = 8000; }; ssl = { cert = "${sslPath}/${castopodSubdomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${castopodSubdomain}.${domain1}/key.pem"; }; }; forgejo = let forgejoLabel = "Forgejo"; forgejoName = "forgejo"; forgejoSubdomain = "source"; in { label = forgejoLabel; name = forgejoName; email = { address0 = "noreply@${forgejoSubdomain}.${domain1}"; }; sops = { path0 = "${sops}/${forgejoName}"; }; subdomain = forgejoSubdomain; paths = { path0 = "${servicePath}/${forgejoLabel}"; }; ports = { port0 = 3033; }; ssl = { cert = "${sslPath}/${forgejoSubdomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${forgejoSubdomain}.${domain1}/key.pem"; }; }; jellyfin = { label = jellyfinLabel; name = jellyfinName; sops = { path0 = "${sops}/${jellyfinName}"; }; subdomain = jellyfinName; paths = { path0 = "${servicePath}/${jellyfinLabel}"; }; ports = { port0 = 5055; # Jellyseer port1 = 8096; # Jellyfin HTTP port2 = 8920; # Jellyfin HTTPS }; ssl = { cert = "${sslPath}/${jellyfinName}.${domain0}/fullchain.pem"; key = "${sslPath}/${jellyfinName}.${domain0}/key.pem"; }; }; matrix = let matrixLabel = "Matrix"; matrixName = "matrix"; in { label = matrixLabel; name = matrixName; sops = { path0 = "${sops}/${matrixName}"; }; subdomain = matrixName; paths = { path0 = "${servicePath}/${matrixLabel}"; path1 = ""; path2 = ""; }; }; mastodon = let mastodonLabel = "Mastodon"; mastodonName = "mastodon"; in { label = mastodonLabel; name = mastodonName; email = { address0 = "thenutrivore@${domain1}"; }; sops = { path0 = "${sops}/${mastodonName}"; }; paths = { path0 = "${servicePath}/${mastodonLabel}"; path1 = ""; path2 = ""; }; ssl = { cert = "${sslPath}/${domain1}/fullchain.pem"; key = "${sslPath}/${domain1}/key.pem"; }; }; minecraft = let minecraftLabel = "Minecraft"; minecraftName = "minecraft"; in { label = minecraftLabel; name = minecraftName; sops = { path0 = "${sops}/${minecraftName}"; }; subdomain = minecraftName; paths = { path0 = "${servicePath}/${minecraftLabel}"; }; ports = { port0 = 43000; # Minecraft (Brix on Nix) }; ssl = { cert = "${sslPath}/${minecraftName}.${domain0}/fullchain.pem"; key = "${sslPath}/${minecraftName}.${domain0}/key.pem"; }; }; nextcloud = let nextcloudLabel = "Nextcloud"; nextcloudName = "nextcloud"; in { label = nextcloudLabel; name = nextcloudName; sops = { path0 = "${sops}/${nextcloudName}"; }; subdomain = nextcloudName; paths = { path0 = "${servicePath}/${nextcloudLabel}"; }; ports = { port0 = 8354; # Nextcloud }; ssl = { cert = "${sslPath}/${nextcloudName}.${domain1}/fullchain.pem"; key = "${sslPath}/${nextcloudName}.${domain1}/key.pem"; }; }; nginx = { ports = { port0 = 8080; # HTTP port1 = 8443; # HTTPS }; }; ollama = let ollamaLabel = "Ollama"; ollamaName = "ollama"; in { label = ollamaLabel; name = ollamaName; sops = { path0 = "${sops}/${ollamaName}"; }; subdomain = ollamaName; paths = { path0 = "${servicePath}/${ollamaLabel}"; path1 = "/mnt/media/storage/${ollamaName}"; }; ports = { port0 = 8088; # Open-WebUI (Ollama Front End) port1 = 11434; # Ollama API }; ssl = { cert = "${sslPath}/${ollamaName}.${domain0}/fullchain.pem"; key = "${sslPath}/${ollamaName}.${domain0}/key.pem"; }; }; owncast = let owncastLabel = "Owncast"; owncastName = "owncast"; owncastSubdomain = "stream"; in { label = owncastLabel; name = owncastName; sops = { path0 = "${sops}/${owncastName}"; }; subdomain = owncastSubdomain; paths = { path0 = "${servicePath}/${owncastLabel}"; path1 = "/mnt/media/storage/${owncastName}"; }; ports = { port0 = 9454; port1 = 1935; }; ssl = { cert = "${sslPath}/${owncastSubdomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${owncastSubdomain}.${domain1}/key.pem"; }; }; peertube = let peertubeLabel = "PeerTube"; peertubeName = "peertube"; peertubeSubdomain = "video"; in { label = peertubeLabel; name = peertubeName; email = { address0 = "noreply@${peertubeSubdomain}.${domain1}"; }; sops = { path0 = "${sops}/${peertubeName}"; }; subdomain = peertubeSubdomain; paths = { path0 = "${servicePath}/${peertubeLabel}"; }; ports = { port0 = 9000; # HTTP port1 = 1935; port2 = 1936; port3 = 5432; port4 = 52800; }; ssl = { cert = "${sslPath}/video.${domain1}/fullchain.pem"; key = "${sslPath}/video.${domain1}/key.pem"; }; }; postgresql = let postgresLabel = "PostgreSQL"; postgresName = "postgres"; in { label = postgresLabel; name = postgresName; sops = { path0 = "${sops}/${postgresName}"; }; paths = { path0 = "${servicePath}/${postgresLabel}"; }; ports = { port0 = 5432; }; }; samba = let sambaLabel = "Samba"; sambaName = "samba"; in { label = sambaLabel; name = sambaName; sops = { path0 = "${sops}/${sambaName}"; }; paths = { path0 = "${servicePath}/${jellyfinLabel}"; path1 = jellyfinName; path2 = ""; }; ports = { port0 = 445; # Samba }; }; syncthing = let syncthingLabel = "Syncthing"; syncthingName = "syncthing"; in { label = syncthingLabel; name = syncthingName; sops = { path0 = "${sops}/${syncthingName}"; }; subdomain = syncthingName; ports = { port0 = 8388; # Syncthing (WebUI) port1 = 21027; # Syncthing (Discovery) port2 = 22000; # Syncthing (Transfer) }; ssl = { cert = "${sslPath}/${syncthingName}.${domain0}/fullchain.pem"; key = "${sslPath}/${syncthingName}.${domain0}/key.pem"; }; }; synology = let synologyLabel = "Synology"; synologyName = "synology"; in { label = synologyLabel; name = synologyName; sops = { path0 = "${sops}/${synologyName}"; }; ports = { port0 = 5001; # Synology HTTPS }; }; vaultwarden = let vaultwardenLabel = "Vaultwarden"; vaultwardenName = "vaultwarden"; in { label = vaultwardenLabel; name = vaultwardenName; email = { address0 = "noreply@${vaultwardenName}.${domain0}"; }; sops = { path0 = "${sops}/${vaultwardenName}"; }; subdomain = vaultwardenName; paths = { path0 = "${servicePath}/${vaultwardenLabel}/BackupDir"; }; ports = { port0 = 8085; # Vaultwarden WebUI }; ssl = { cert = "${sslPath}/${vaultwardenName}.${domain0}/fullchain.pem"; key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem"; }; }; wiki = let wikiLabel = "Wiki-js"; wikiName = "wiki-js"; wikiSubdomain = "vault"; in { label = wikiLabel; name = wikiName; sops = { path0 = "${sops}/${wikiName}"; }; subdomain = wikiSubdomain; paths = { path0 = "${servicePath}/${wikiLabel}"; path1 = "${varLib}/DataDir"; }; ports = { port0 = 3000; port1 = 5432; }; ssl = { cert = "${sslPath}/${wikiSubdomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${wikiSubdomain}.${domain1}/key.pem"; }; }; writefreely = let writefreelyLabel = "WriteFreely"; writefreelyName = "writefreely"; writefreelySubdomain = "blog"; in { label = writefreelyLabel; name = writefreelyName; sops = { path0 = "${sops}/${writefreelyName}"; }; subdomain = writefreelySubdomain; paths = { path0 = "${servicePath}/${writefreelyLabel}/BackupDir"; }; ports = { port0 = 8093; }; ssl = { cert = "${sslPath}/${writefreelySubdomain}.${domain1}/fullchain.pem"; key = "${sslPath}/${writefreelySubdomain}.${domain1}/key.pem"; }; }; }; }