meow

2025-02-11 04:40:17 +01:00 · 2025-02-11 04:40:17 +01:00 · 56d7d47a8b
commit 56d7d47a8b
parent a30ff16bc2
1 changed files with 70 additions and 78 deletions
--- a/hosts/ds9/default.nix
+++ b/hosts/ds9/default.nix
@ -125,92 +125,84 @@ in
  systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path;
  services.caddy = {
    # ragon.services.caddy is enabled
    extraConfig = ''
      (blockBots) {
        @botForbidden header_regexp User-Agent "(?i)AdsBot-Google|Amazonbot|anthropic-ai|Applebot|Applebot-Extended|AwarioRssBot|AwarioSmartBot|Bytespider|CCBot|ChatGPT|ChatGPT-User|Claude-Web|ClaudeBot|cohere-ai|DataForSeoBot|Diffbot|FacebookBot|Google-Extended|GPTBot|ImagesiftBot|magpie-crawler|omgili|Omgilibot|peer39_crawler|PerplexityBot|YouBot"
        handle @botForbidden   {
          redir https://hil-speed.hetzner.com/10GB.bin
        }
      }
      (podmanRedir) {
        reverse_proxy {args[:]} {
          transport http {
            resolvers 10.88.0.1 # podman dns
          }
        }
      }
    '';
    globalConfig = ''
      acme_dns desec {
        token "{$TOKEN}"
      }
    '';
-    virtualHosts."http://*.hailsatan.eu".extraConfig = ''
+    virtualHosts."*.hailsatan.eu ".logFormat = ''
-      @bzzt-api host bzzt-api.hailsatan.eu
+      output file ${config.services.caddy.logDir}/access-*hailsatan.eu_internet.log
-      handle @bzzt-api {
+    '';
-        reverse_proxy http://127.0.0.1:5001
+    virtualHosts."*.hailsatan.eu ".extraConfig = ''
-      }
+      import blockBots
-      @bzzt-lcg host bzzt-lcg.hailsatan.eu
+      @jellyfin host j.hailsatan.eu
-      handle @bzzt-lcg {
+      handle @jellyfin {
-        reverse_proxy http://127.0.0.1:5003
+        import podmanRedir http://jellyfin:8096 
      }
      @bzzt host bzzt.hailsatan.eu
      handle @bzzt {
        reverse_proxy http://127.0.0.1:5002
      }
      handle {
        abort
      }
    '';
    virtualHosts."*.hailsatan.eu".extraConfig = ''
-            @immich host immich.hailsatan.eu
+      import blockBots
-            handle @immich {
+      # tailscale only
-              reverse_proxy http://immich-server:3001 {
+      bind 100.83.96.25
-                transport http {
+      @immich host immich.hailsatan.eu
-                  resolvers 10.88.0.1 # podman dns
+      handle @immich {
-                }
+        import podmanRedir http://immich-server:3001 
-              }
+      }
-            }
+      @cd host cd.hailsatan.eu
-            @cd host cd.hailsatan.eu
+      handle @cd {
-            handle @cd {
+        import podmanRedir http://changedetection:5000 
-              reverse_proxy http://changedetection:5000 {
+      }
-                transport http {
+      @grafana host grafana.hailsatan.eu
-                  resolvers 10.88.0.1 # podman dns
+      handle @grafana {
-                }
+        import podmanRedir http://grafana:3000 
-              }
+      }
-            }
+      @node-red host node-red.hailsatan.eu
-            @grafana host grafana.hailsatan.eu
+      handle @node-red {
-            handle @grafana {
+        import podmanRedir http://node-red:1880 
-              reverse_proxy http://grafana:3000 {
+      }
-                transport http {
+
-                  resolvers 10.88.0.1 # podman dns
+      
-                }
+      # @bzzt-api host bzzt-api.hailsatan.eu
-              }
+      # handle @bzzt-api {
-            }
+      #   reverse_proxy http://127.0.0.1:5001
-            @node-red host node-red.hailsatan.eu
+      # }
-            handle @node-red {
+      # @bzzt-lcg host bzzt-lcg.hailsatan.eu
-              reverse_proxy http://node-red:1880 {
+      # handle @bzzt-lcg {
-                transport http {
+      #   reverse_proxy http://127.0.0.1:5003
-                  resolvers 10.88.0.1 # podman dns
+      # }
-                }
+      # @bzzt host bzzt.hailsatan.eu
-              }
+      # handle @bzzt {
-            }
+      #   reverse_proxy http://127.0.0.1:5002
-            @bzzt-api host bzzt-api.hailsatan.eu
+      # }
-            handle @bzzt-api {
+      
-              reverse_proxy http://127.0.0.1:5001
+      
-            }
+      @archivebox host archivebox.hailsatan.eu
-            @bzzt-lcg host bzzt-lcg.hailsatan.eu
+      handle @archivebox {
-            handle @bzzt-lcg {
+        import podmanRedir http://archivebox:8000 
-              reverse_proxy http://127.0.0.1:5003
+      }
-            }
+      @jellyfin host j.hailsatan.eu
-            @bzzt host bzzt.hailsatan.eu
+      handle @jellyfin {
-            handle @bzzt {
+        import podmanRedir http://jellyfin:8096 
-              reverse_proxy http://127.0.0.1:5002
+      }
-            }
+      handle {
-            @archivebox host archivebox.hailsatan.eu
+        reverse_proxy http://127.0.0.1:8001
-            handle @archivebox {
+      }
              reverse_proxy http://archivebox:8000 {
                transport http {
                  resolvers 10.88.0.1 # podman dns
                }
              }
            }
            @jellyfin host j.hailsatan.eu
            handle @jellyfin {
              reverse_proxy http://jellyfin:8096 {
                transport http {
                  resolvers 10.88.0.1 # podman dns
                }
              }
            }
            handle {
              reverse_proxy http://127.0.0.1:8001
            }
    '';
  };