mirror of
https://gitlab.com/upRootNutrition/dotfiles.git
synced 2025-06-16 10:05:13 -05:00
431 lines
10 KiB
Nix
Executable file
431 lines
10 KiB
Nix
Executable file
let
|
|
jellyfinLabel = "Jellyfin";
|
|
jellyfinName = "jellyfin";
|
|
|
|
domain0 = "cloudbert.fun";
|
|
domain1 = "the-nutrivore.social";
|
|
domain2 = "the-nutrivore.com";
|
|
|
|
servicePath = "/mnt/media/NAS1";
|
|
|
|
sops = "/var/lib/secrets";
|
|
|
|
sslPath = "/var/lib/acme";
|
|
|
|
varLib = "/var/lib";
|
|
in {
|
|
instances = {
|
|
web = {
|
|
domains = {
|
|
url0 = domain0;
|
|
url1 = domain1;
|
|
url2 = domain2;
|
|
};
|
|
dns = {
|
|
provider0 = "namecheap";
|
|
};
|
|
localhost = {
|
|
address0 = "127.0.0.1"; # Local
|
|
address1 = "0.0.0.0"; # All
|
|
address2 = "192.168.50.1"; # Router
|
|
address3 = "192.168.50.0"; # Router
|
|
};
|
|
};
|
|
acme = let
|
|
acmeLabel = "Acme";
|
|
acmeName = "acme";
|
|
in {
|
|
label = acmeLabel;
|
|
name = acmeName;
|
|
paths = {
|
|
path0 = sslPath;
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${acmeName}";
|
|
};
|
|
};
|
|
caddy = let
|
|
caddyLabel = "Caddy";
|
|
caddyName = "caddy";
|
|
in {
|
|
label = caddyLabel;
|
|
name = caddyName;
|
|
sops = {
|
|
path0 = "${sops}/${caddyName}";
|
|
};
|
|
ports = {
|
|
port0 = 80;
|
|
port1 = 443;
|
|
};
|
|
};
|
|
castopod = let
|
|
castopodLabel = "Castopod";
|
|
castopodName = "castopod";
|
|
castopodSubdomain = "podcast";
|
|
in {
|
|
label = castopodLabel;
|
|
name = castopodName;
|
|
email = {
|
|
address0 = "noreply@${castopodSubdomain}.${domain1}";
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${castopodName}";
|
|
};
|
|
subdomain = castopodSubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${castopodLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 8000;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${castopodSubdomain}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${castopodSubdomain}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
forgejo = let
|
|
forgejoLabel = "Forgejo";
|
|
forgejoName = "forgejo";
|
|
forgejoSubdomain = "source";
|
|
in {
|
|
label = forgejoLabel;
|
|
name = forgejoName;
|
|
email = {
|
|
address0 = "noreply@${forgejoSubdomain}.${domain1}";
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${forgejoName}";
|
|
};
|
|
subdomain = forgejoSubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${forgejoLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 3033;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${forgejoSubdomain}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${forgejoSubdomain}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
jellyfin = {
|
|
label = jellyfinLabel;
|
|
name = jellyfinName;
|
|
sops = {
|
|
path0 = "${sops}/${jellyfinName}";
|
|
};
|
|
subdomain = jellyfinName;
|
|
paths = {
|
|
path0 = "${servicePath}/${jellyfinLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 5055; # Jellyseer
|
|
port1 = 8096; # Jellyfin HTTP
|
|
port2 = 8920; # Jellyfin HTTPS
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${jellyfinName}.${domain0}/fullchain.pem";
|
|
key = "${sslPath}/${jellyfinName}.${domain0}/key.pem";
|
|
};
|
|
};
|
|
matrix = let
|
|
matrixLabel = "Matrix";
|
|
matrixName = "matrix";
|
|
in {
|
|
label = matrixLabel;
|
|
name = matrixName;
|
|
sops = {
|
|
path0 = "${sops}/${matrixName}";
|
|
};
|
|
subdomain = matrixName;
|
|
paths = {
|
|
path0 = "${servicePath}/${matrixLabel}";
|
|
path1 = "";
|
|
path2 = "";
|
|
};
|
|
};
|
|
mastodon = let
|
|
mastodonLabel = "Mastodon";
|
|
mastodonName = "mastodon";
|
|
in {
|
|
label = mastodonLabel;
|
|
name = mastodonName;
|
|
email = {
|
|
address0 = "thenutrivore@${domain1}";
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${mastodonName}";
|
|
};
|
|
paths = {
|
|
path0 = "${servicePath}/${mastodonLabel}";
|
|
path1 = "";
|
|
path2 = "";
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${domain1}/key.pem";
|
|
};
|
|
};
|
|
minecraft = let
|
|
minecraftLabel = "Minecraft";
|
|
minecraftName = "minecraft";
|
|
in {
|
|
label = minecraftLabel;
|
|
name = minecraftName;
|
|
sops = {
|
|
path0 = "${sops}/${minecraftName}";
|
|
};
|
|
subdomain = minecraftName;
|
|
paths = {
|
|
path0 = "${servicePath}/${minecraftLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 43000; # Minecraft (Brix on Nix)
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${minecraftName}.${domain0}/fullchain.pem";
|
|
key = "${sslPath}/${minecraftName}.${domain0}/key.pem";
|
|
};
|
|
};
|
|
nextcloud = let
|
|
nextcloudLabel = "Nextcloud";
|
|
nextcloudName = "nextcloud";
|
|
in {
|
|
label = nextcloudLabel;
|
|
name = nextcloudName;
|
|
sops = {
|
|
path0 = "${sops}/${nextcloudName}";
|
|
};
|
|
subdomain = nextcloudName;
|
|
paths = {
|
|
path0 = "${servicePath}/${nextcloudLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 8354; # Nextcloud
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${nextcloudName}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${nextcloudName}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
nginx = {
|
|
ports = {
|
|
port0 = 8080; # HTTP
|
|
port1 = 8443; # HTTPS
|
|
};
|
|
};
|
|
ollama = let
|
|
ollamaLabel = "Ollama";
|
|
ollamaName = "ollama";
|
|
in {
|
|
label = ollamaLabel;
|
|
name = ollamaName;
|
|
sops = {
|
|
path0 = "${sops}/${ollamaName}";
|
|
};
|
|
subdomain = ollamaName;
|
|
paths = {
|
|
path0 = "${servicePath}/${ollamaLabel}";
|
|
path1 = "/mnt/media/storage/${ollamaName}";
|
|
};
|
|
ports = {
|
|
port0 = 8088; # Open-WebUI (Ollama Front End)
|
|
port1 = 11434; # Ollama API
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${ollamaName}.${domain0}/fullchain.pem";
|
|
key = "${sslPath}/${ollamaName}.${domain0}/key.pem";
|
|
};
|
|
};
|
|
owncast = let
|
|
owncastLabel = "Owncast";
|
|
owncastName = "owncast";
|
|
owncastSubdomain = "stream";
|
|
in {
|
|
label = owncastLabel;
|
|
name = owncastName;
|
|
sops = {
|
|
path0 = "${sops}/${owncastName}";
|
|
};
|
|
subdomain = owncastSubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${owncastLabel}";
|
|
path1 = "/mnt/media/storage/${owncastName}";
|
|
};
|
|
ports = {
|
|
port0 = 9454;
|
|
port1 = 1935;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${owncastSubdomain}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${owncastSubdomain}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
peertube = let
|
|
peertubeLabel = "PeerTube";
|
|
peertubeName = "peertube";
|
|
peertubeSubdomain = "video";
|
|
in {
|
|
label = peertubeLabel;
|
|
name = peertubeName;
|
|
email = {
|
|
address0 = "noreply@${peertubeSubdomain}.${domain1}";
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${peertubeName}";
|
|
};
|
|
subdomain = peertubeSubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${peertubeLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 9000; # HTTP
|
|
port1 = 1935;
|
|
port2 = 1936;
|
|
port3 = 5432;
|
|
port4 = 52800;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/video.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/video.${domain1}/key.pem";
|
|
};
|
|
};
|
|
postgresql = let
|
|
postgresLabel = "PostgreSQL";
|
|
postgresName = "postgres";
|
|
in {
|
|
label = postgresLabel;
|
|
name = postgresName;
|
|
sops = {
|
|
path0 = "${sops}/${postgresName}";
|
|
};
|
|
paths = {
|
|
path0 = "${servicePath}/${postgresLabel}";
|
|
};
|
|
ports = {
|
|
port0 = 5432;
|
|
};
|
|
};
|
|
samba = let
|
|
sambaLabel = "Samba";
|
|
sambaName = "samba";
|
|
in {
|
|
label = sambaLabel;
|
|
name = sambaName;
|
|
sops = {
|
|
path0 = "${sops}/${sambaName}";
|
|
};
|
|
paths = {
|
|
path0 = "${servicePath}/${jellyfinLabel}";
|
|
path1 = jellyfinName;
|
|
path2 = "";
|
|
};
|
|
ports = {
|
|
port0 = 445; # Samba
|
|
};
|
|
};
|
|
syncthing = let
|
|
syncthingLabel = "Syncthing";
|
|
syncthingName = "syncthing";
|
|
in {
|
|
label = syncthingLabel;
|
|
name = syncthingName;
|
|
sops = {
|
|
path0 = "${sops}/${syncthingName}";
|
|
};
|
|
subdomain = syncthingName;
|
|
ports = {
|
|
port0 = 8388; # Syncthing (WebUI)
|
|
port1 = 21027; # Syncthing (Discovery)
|
|
port2 = 22000; # Syncthing (Transfer)
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${syncthingName}.${domain0}/fullchain.pem";
|
|
key = "${sslPath}/${syncthingName}.${domain0}/key.pem";
|
|
};
|
|
};
|
|
synology = let
|
|
synologyLabel = "Synology";
|
|
synologyName = "synology";
|
|
in {
|
|
label = synologyLabel;
|
|
name = synologyName;
|
|
sops = {
|
|
path0 = "${sops}/${synologyName}";
|
|
};
|
|
ports = {
|
|
port0 = 5001; # Synology HTTPS
|
|
};
|
|
};
|
|
vaultwarden = let
|
|
vaultwardenLabel = "Vaultwarden";
|
|
vaultwardenName = "vaultwarden";
|
|
in {
|
|
label = vaultwardenLabel;
|
|
name = vaultwardenName;
|
|
email = {
|
|
address0 = "noreply@${vaultwardenName}.${domain0}";
|
|
};
|
|
sops = {
|
|
path0 = "${sops}/${vaultwardenName}";
|
|
};
|
|
subdomain = vaultwardenName;
|
|
paths = {
|
|
path0 = "${servicePath}/${vaultwardenLabel}/BackupDir";
|
|
};
|
|
ports = {
|
|
port0 = 8085; # Vaultwarden WebUI
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${vaultwardenName}.${domain0}/fullchain.pem";
|
|
key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem";
|
|
};
|
|
};
|
|
wiki = let
|
|
wikiLabel = "Wiki-js";
|
|
wikiName = "wiki-js";
|
|
wikiSubdomain = "vault";
|
|
in {
|
|
label = wikiLabel;
|
|
name = wikiName;
|
|
sops = {
|
|
path0 = "${sops}/${wikiName}";
|
|
};
|
|
subdomain = wikiSubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${wikiLabel}";
|
|
path1 = "${varLib}/DataDir";
|
|
};
|
|
ports = {
|
|
port0 = 3000;
|
|
port1 = 5432;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${wikiSubdomain}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${wikiSubdomain}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
writefreely = let
|
|
writefreelyLabel = "WriteFreely";
|
|
writefreelyName = "writefreely";
|
|
writefreelySubdomain = "blog";
|
|
in {
|
|
label = writefreelyLabel;
|
|
name = writefreelyName;
|
|
sops = {
|
|
path0 = "${sops}/${writefreelyName}";
|
|
};
|
|
subdomain = writefreelySubdomain;
|
|
paths = {
|
|
path0 = "${servicePath}/${writefreelyLabel}/BackupDir";
|
|
};
|
|
ports = {
|
|
port0 = 8093;
|
|
};
|
|
ssl = {
|
|
cert = "${sslPath}/${writefreelySubdomain}.${domain1}/fullchain.pem";
|
|
key = "${sslPath}/${writefreelySubdomain}.${domain1}/key.pem";
|
|
};
|
|
};
|
|
};
|
|
}
|