will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

Host gatus #122

Merged
wi11-holdsworth merged 2 commits from 95 into main 2026-03-04 21:27:33 +11:00
Conversation 0 Commits 2 Files changed 26 +464 -108
25 changed files with 464 additions and 108 deletions
Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 48315cfb8e - Show all commits

18
modules/nixos/features/bazarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5017;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "subtitles.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -11,7 +13,21 @@ in
listenPort = port;
};
caddy.virtualHosts."bazarr.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Bazarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/copyparty.nix
View file

@ -8,6 +8,8 @@
let
port = 5000;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "files.fi33.buzz";
url = "https://${hostname}";
in
{
imports = [ inputs.copyparty.nixosModules.default ];
@ -35,7 +37,21 @@ in
};
};
caddy.virtualHosts."copyparty.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "copyparty";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/couchdb.nix
View file

@ -1,6 +1,8 @@
let
port = 5984;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "couchdb.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -29,13 +31,27 @@ in
cors = {
credentials = true;
origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://couchdb.fi33.buzz,http://couchdb.fi33.buzz,https://couchdb.fi33.buzz
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://${hostname},http://${hostname},${url}
'';
};
};
};
caddy.virtualHosts."couchdb.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "CouchDB";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 401"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

22
modules/nixos/features/cryptpad.nix
View file

@ -2,6 +2,8 @@ let
httpPort = 5022;
websocketPort = 5024;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "cryptpad.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -10,7 +12,7 @@ in
settings = {
inherit httpPort;
inherit websocketPort;
httpUnsafeOrigin = "https://cryptpad.fi33.buzz";
httpUnsafeOrigin = url;
httpSafeOrigin = "https://cryptpad-ui.fi33.buzz";
inactiveTime = 7;
archiveRetentionTime = 7;
@ -18,7 +20,21 @@ in
};
};
caddy.virtualHosts."cryptpad.fi33.buzz, cryptpad-ui.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "CryptPad";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts."${hostname} cryptpad-ui.fi33.buzz".extraConfig = ''
header Strict-Transport-Security "includeSubDomains; preload"
handle /cryptpad_websocket* {
@ -36,7 +52,7 @@ in
}
@register {
host cryptpad.fi33.buzz
host ${hostname}
path /register*
}
respond @register 403

34
modules/nixos/features/gatus.nix
View file

@ -1,43 +1,17 @@
let
port = 5025;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "status.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
gatus = {
enable = true;
settings = {
web = {
inherit port;
};
endpoints = [
{
name = "website";
url = "https://twin.sh/health";
interval = "5m";
conditions = [
"[STATUS] == 200"
"[BODY].status == UP"
"[RESPONSE_TIME] < 300"
];
}
];
};
settings.web.port = port;
};
# borgmatic.settings = {
# source_directories = [ ];
# postgresql_databases = [
# {
# name = "gatus";
# hostname = "localhost";
# username = "root";
# password = "{credential systemd borgmatic-pg}";
# }
# ];
# };
caddy.virtualHosts."uptime.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

122
modules/nixos/features/homepage-dashboard.nix
View file

@ -38,13 +38,15 @@ let
# keep-sorted end
];
certloc = "/var/lib/acme/fi33.buzz";
hostname = "home.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
homepage-dashboard = {
enable = true;
listenPort = port;
allowedHosts = "homepage-dashboard.fi33.buzz";
allowedHosts = hostname;
services = [
{
"Public Services" = [
@ -80,11 +82,11 @@ in
Radarr = {
description = "Movie organizer/manager";
icon = "radarr.svg";
href = "https://radarr.fi33.buzz/";
siteMonitor = "https://radarr.fi33.buzz/";
href = "https://movies.fi33.buzz/";
siteMonitor = "https://movies.fi33.buzz/";
widget = {
type = "radarr";
url = "https://radarr.fi33.buzz/";
url = "https://movies.fi33.buzz/";
key = "@radarr@";
enableQueue = true;
};
@ -94,11 +96,11 @@ in
Sonarr = {
description = "Smart PVR";
icon = "sonarr.svg";
href = "https://sonarr.fi33.buzz/";
siteMonitor = "https://sonarr.fi33.buzz/";
href = "https://shows.fi33.buzz/";
siteMonitor = "https://shows.fi33.buzz/";
widget = {
type = "sonarr";
url = "https://sonarr.fi33.buzz/";
url = "https://shows.fi33.buzz/";
key = "@sonarr@";
enableQueue = true;
};
@ -108,11 +110,11 @@ in
Lidarr = {
description = "Like Sonarr but made for music";
icon = "lidarr.svg";
href = "https://lidarr.fi33.buzz/";
siteMonitor = "https://lidarr.fi33.buzz/";
href = "https://music.fi33.buzz/";
siteMonitor = "https://music.fi33.buzz/";
widget = {
type = "lidarr";
url = "https://lidarr.fi33.buzz/";
url = "https://music.fi33.buzz/";
key = "@lidarr@";
enableQueue = true;
};
@ -122,11 +124,11 @@ in
Readarr = {
description = "Book Manager and Automation";
icon = "readarr.svg";
href = "https://readarr.fi33.buzz/";
siteMonitor = "https://readarr.fi33.buzz/";
href = "https://books.fi33.buzz/";
siteMonitor = "https://books.fi33.buzz/";
widget = {
type = "readarr";
url = "https://readarr.fi33.buzz/";
url = "https://books.fi33.buzz/";
key = "@readarr@";
enableQueue = true;
};
@ -136,11 +138,11 @@ in
Bazarr = {
description = "Subtitle manager and downloader";
icon = "bazarr.svg";
href = "https://bazarr.fi33.buzz/";
siteMonitor = "https://bazarr.fi33.buzz/";
href = "https://subtitles.fi33.buzz/";
siteMonitor = "https://subtitles.fi33.buzz/";
widget = {
type = "bazarr";
url = "https://bazarr.fi33.buzz/";
url = "https://subtitles.fi33.buzz/";
key = "@subtitles@";
};
};
@ -162,11 +164,11 @@ in
NZBget = {
description = "Usenet Downloader";
icon = "nzbget.svg";
href = "https://nzbget.fi33.buzz/";
siteMonitor = "https://nzbget.fi33.buzz/";
href = "https://usenet.fi33.buzz/";
siteMonitor = "https://usenet.fi33.buzz/";
widget = {
type = "nzbget";
url = "https://nzbget.fi33.buzz/";
url = "https://usenet.fi33.buzz/";
username = "nzbget";
password = "@nzbget@";
};
@ -176,8 +178,8 @@ in
qBittorrent = {
description = "BitTorrent client";
icon = "qbittorrent.svg";
href = "https://qbittorrent.fi33.buzz/";
siteMonitor = "https://qbittorrent.fi33.buzz/";
href = "https://bittorrent.fi33.buzz/";
siteMonitor = "https://bittorrent.fi33.buzz/";
};
}
];
@ -188,8 +190,8 @@ in
copyparty = {
description = "Portable file server";
icon = "sh-copyparty.svg";
href = "https://copyparty.fi33.buzz/";
siteMonitor = "https://copyparty.fi33.buzz/";
href = "https://files.fi33.buzz/";
siteMonitor = "https://files.fi33.buzz/";
};
}
{
@ -204,32 +206,32 @@ in
ntfy = {
description = "Send push notifications using PUT/POST";
icon = "ntfy.svg";
href = "https://ntfy-sh.fi33.buzz/";
siteMonitor = "https://ntfy-sh.fi33.buzz/";
href = "https://notify.fi33.buzz/";
siteMonitor = "https://notify.fi33.buzz/";
};
}
{
Radicale = {
description = "A simple CalDAV (calendar) and CardDAV (contact) server";
icon = "radicale.svg";
href = "https://radicale.fi33.buzz";
siteMonitor = "https://radicale.fi33.buzz";
href = "https://caldav.fi33.buzz";
siteMonitor = "https://caldav.fi33.buzz";
};
}
{
Syncthing = {
description = "Open Source Continuous File Synchronization";
icon = "syncthing.svg";
href = "https://syncthing.fi33.buzz/";
siteMonitor = "https://syncthing.fi33.buzz/";
href = "https://sync.fi33.buzz/";
siteMonitor = "https://sync.fi33.buzz/";
};
}
{
Vaultwarden = {
description = "Unofficial Bitwarden compatible server";
icon = "vaultwarden.svg";
href = "https://vaultwarden.fi33.buzz/";
siteMonitor = "https://vaultwarden.fi33.buzz/";
href = "https://vault.fi33.buzz/";
siteMonitor = "https://vault.fi33.buzz/";
};
}
];
@ -240,8 +242,8 @@ in
Immich = {
description = "Photo and video management solution";
icon = "immich.svg";
href = "https://immich.fi33.buzz/";
siteMonitor = "https://immich.fi33.buzz/";
href = "https://photos.fi33.buzz/";
siteMonitor = "https://photos.fi33.buzz/";
widget = {
type = "immich";
fields = [
@ -250,7 +252,7 @@ in
"videos"
"storage"
];
url = "https://immich.fi33.buzz/";
url = "https://photos.fi33.buzz/";
version = 2;
key = "@immich@";
};
@ -260,11 +262,11 @@ in
Jellyfin = {
description = "Media System";
icon = "jellyfin.svg";
href = "https://jellyfin.fi33.buzz/";
siteMonitor = "https://jellyfin.fi33.buzz/";
href = "https://media.fi33.buzz/";
siteMonitor = "https://media.fi33.buzz/";
widget = {
type = "jellyfin";
url = "https://jellyfin.fi33.buzz/";
url = "https://media.fi33.buzz/";
key = "@jellyfin@";
enableBlocks = true;
enableNowPlaying = true;
@ -278,11 +280,11 @@ in
Kavita = {
description = "Reading server";
icon = "kavita.svg";
href = "https://kavita.fi33.buzz/";
siteMonitor = "https://kavita.fi33.buzz/";
href = "https://library.fi33.buzz/";
siteMonitor = "https://library.fi33.buzz/";
widget = {
type = "kavita";
url = "https://kavita.fi33.buzz/";
url = "https://library.fi33.buzz/";
key = "@kavita-api@";
};
};
@ -291,11 +293,11 @@ in
Miniflux = {
description = "Feed reader";
icon = "miniflux.svg";
href = "https://miniflux.fi33.buzz/";
siteMonitor = "https://miniflux.fi33.buzz/";
href = "https://feeds.fi33.buzz/";
siteMonitor = "https://feeds.fi33.buzz/";
widget = {
type = "miniflux";
url = "https://miniflux.fi33.buzz/";
url = "https://feeds.fi33.buzz/";
key = "@miniflux@";
};
};
@ -304,11 +306,11 @@ in
Paperless = {
description = "Document management system";
icon = "paperless.svg";
href = "https://paperless.fi33.buzz/";
siteMonitor = "https://paperless.fi33.buzz/";
href = "https://documents.fi33.buzz/";
siteMonitor = "https://documents.fi33.buzz/";
widget = {
type = "paperlessngx";
url = "https://paperless.fi33.buzz/";
url = "https://documents.fi33.buzz/";
username = "admin";
password = "@paperless@";
};
@ -318,6 +320,18 @@ in
}
{
Utilities = [
{
Gatus = {
description = "Status page";
icon = "gatus.svg";
href = "https://status.fi33.buzz/";
siteMonitor = "https://status.fi33.buzz/";
widget = {
type = "gatus";
url = "https://status.fi33.buzz/";
};
};
}
{
NanoKVM = {
description = "Remote KVM switch";
@ -407,7 +421,21 @@ in
];
};
caddy.virtualHosts."homepage-dashboard.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Homepage Dashboard";
group = "Utilities";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/immich.nix
View file

@ -1,6 +1,8 @@
let
port = 2283;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "photos.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -10,6 +12,20 @@ in
mediaLocation = "/srv/immich";
};
gatus.settings.endpoints = [
{
name = "Immich";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings.postgresql_databases = [
{
name = "immich";
@ -19,7 +35,7 @@ in
}
];
caddy.virtualHosts."immich.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/jellyfin.nix
View file

@ -1,6 +1,8 @@
let
port = 8096;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "media.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -10,7 +12,21 @@ in
group = "srv";
};
caddy.virtualHosts."jellyfin.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Jellyfin";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/kavita.nix
View file

@ -5,6 +5,8 @@
let
port = 5015;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "library.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -15,7 +17,21 @@ in
tokenKeyFile = config.age.secrets.kavita.path;
};
caddy.virtualHosts."kavita.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Kavita";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/libretranslate.nix
View file

@ -1,6 +1,8 @@
let
port = 5023;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "translate.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -10,7 +12,21 @@ in
updateModels = true;
};
caddy.virtualHosts."translate.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "LibreTranslate";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/lidarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5012;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "music.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -13,7 +15,21 @@ in
group = "srv";
};
caddy.virtualHosts."lidarr.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Lidarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/miniflux.nix
View file

@ -5,6 +5,8 @@
let
port = 5010;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "feeds.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -12,11 +14,25 @@ in
enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = {
BASE_URL = "https://miniflux.fi33.buzz";
BASE_URL = url;
LISTEN_ADDR = "localhost:${toString port}";
};
};
gatus.settings.endpoints = [
{
name = "Miniflux";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings.postgresql_databases = [
{
name = "miniflux";
@ -26,7 +42,7 @@ in
}
];
caddy.virtualHosts."miniflux.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/ntfy-sh.nix
View file

@ -1,13 +1,15 @@
let
port = 5002;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "notify.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
ntfy-sh = {
enable = true;
settings = {
base-url = "https://ntfy-sh.fi33.buzz";
base-url = url;
listen-http = ":${toString port}";
behind-proxy = true;
auth-default-access = "deny-all";
@ -19,13 +21,27 @@ in
};
};
gatus.settings.endpoints = [
{
name = "ntfy";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings = {
source_directories = [
"/var/lib/ntfy-sh/user.db"
];
};
caddy.virtualHosts."ntfy-sh.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/nzbget.nix
View file

@ -5,6 +5,8 @@
let
port = 5018;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "usenet.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -17,7 +19,21 @@ in
group = "srv";
};
caddy.virtualHosts."nzbget.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "NZBget";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 401"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/paperless.nix
View file

@ -5,6 +5,8 @@
let
port = 5013;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "documents.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -15,10 +17,24 @@ in
passwordFile = config.age.secrets.paperless.path;
inherit port;
settings = {
PAPERLESS_URL = "https://paperless.fi33.buzz";
PAPERLESS_URL = url;
};
};
gatus.settings.endpoints = [
{
name = "Paperless";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings = {
postgresql_databases = [
{
@ -30,7 +46,7 @@ in
];
};
caddy.virtualHosts."paperless.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/prowlarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5009;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "prowlarr.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -11,9 +13,23 @@ in
};
};
gatus.settings.endpoints = [
{
name = "Prowlarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings.source_directories = [ "/var/lib/prowlarr" ];
caddy.virtualHosts."prowlarr.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/qbittorrent.nix
View file

@ -1,6 +1,8 @@
let
port = 5005;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "bittorrent.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -14,7 +16,21 @@ in
];
};
caddy.virtualHosts."qbittorrent.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "qBittorrent";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/radarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5007;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "movies.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -13,7 +15,21 @@ in
group = "srv";
};
caddy.virtualHosts."radarr.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Radarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/radicale.nix
View file

@ -5,6 +5,8 @@
let
port = 5003;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "caldav.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -28,7 +30,21 @@ in
};
};
caddy.virtualHosts."radicale.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Radicale";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/readarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5016;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "books.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -13,7 +15,21 @@ in
group = "srv";
};
caddy.virtualHosts."readarr.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Readarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/send.nix
View file

@ -1,13 +1,15 @@
let
port = 5020;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "send.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
send = {
enable = true;
inherit port;
baseUrl = "https://send.fi33.buzz";
baseUrl = url;
environment = {
DEFAULT_EXPIRE_SECONDS = 360;
EXPIRE_TIMES_SECONDS = "360";
@ -18,7 +20,21 @@ in
};
};
caddy.virtualHosts."send.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Send";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/sonarr.nix
View file

@ -1,6 +1,8 @@
let
port = 5006;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "shows.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -13,7 +15,21 @@ in
group = "srv";
};
caddy.virtualHosts."sonarr.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Sonarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

18
modules/nixos/features/syncthing.nix
View file

@ -41,6 +41,8 @@ let
) (builtins.filter (deviceSet: deviceSet.device != hostName) devicesList)
);
certloc = "/var/lib/acme/fi33.buzz";
hostname = "sync.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -56,6 +58,20 @@ in
};
};
gatus.settings.endpoints = [
{
name = "Syncthing";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgmatic.settings =
if userName == "srv" then
{
@ -67,7 +83,7 @@ in
else
null;
caddy.virtualHosts."syncthing.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy http://localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

20
modules/nixos/features/vaultwarden.nix
View file

@ -5,6 +5,8 @@
let
port = 5001;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "vault.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -13,7 +15,7 @@ in
backupDir = "/srv/vaultwarden";
config = {
rocketPort = toString port;
domain = "https://vaultwarden.fi33.buzz";
domain = url;
signupsAllowed = false;
invitationsAllowed = false;
showPasswordHint = false;
@ -23,7 +25,21 @@ in
};
};
caddy.virtualHosts."vaultwarden.fi33.buzz".extraConfig = ''
gatus.settings.endpoints = [
{
name = "Vaultwarden";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3

4
modules/templates/web-feature.nix
View file

@ -1,6 +1,8 @@
let
port = 0000;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "feature.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
@ -20,7 +22,7 @@ in
# ];
# };
caddy.virtualHosts."feature.fi33.buzz".extraConfig = ''
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3