From 5eb540281dedbf33ea91b36a6d3bebfcaa9ee51c Mon Sep 17 00:00:00 2001 From: CDaut Date: Sat, 15 Nov 2025 23:47:42 +0100 Subject: [PATCH] fix vikunja, mastodon and bit of refactoring --- configs/container_config.nix | 9 ------- .../containers/cube/mastodon_container.nix | 20 ---------------- configs/containers/cube/vikunja_container.nix | 20 ---------------- .../netcup_pve/mastodon_container.nix | 24 +++++++++++++++++++ .../netcup_pve/vikunja_container.nix | 24 +++++++++++++++++++ configs/services/nginx.nix | 16 +++++++++++++ flake.nix | 8 ++----- 7 files changed, 66 insertions(+), 55 deletions(-) delete mode 100644 configs/containers/cube/mastodon_container.nix delete mode 100644 configs/containers/cube/vikunja_container.nix create mode 100644 configs/containers/netcup_pve/mastodon_container.nix create mode 100644 configs/containers/netcup_pve/vikunja_container.nix diff --git a/configs/container_config.nix b/configs/container_config.nix index 9cbdb1d..3fd2c55 100644 --- a/configs/container_config.nix +++ b/configs/container_config.nix @@ -72,15 +72,6 @@ enable = true; allowedTCPPorts = [ 22 ]; }; - - # enable routing of wireguard reachable subnet via wgbr - interfaces.wgbr.ipv4.routes = lib.mkDefault [ - { - address = "10.8.0.0"; - prefixLength = 16; - via = "10.8.1.1"; - } - ]; }; # enable ssh access diff --git a/configs/containers/cube/mastodon_container.nix b/configs/containers/cube/mastodon_container.nix deleted file mode 100644 index b9f0255..0000000 --- a/configs/containers/cube/mastodon_container.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, pkgs, config, ... }: { - - deployment = { - targetHost = "192.168.178.81"; - targetPort = 22; - targetUser = "root"; - tags = [ "cube" ]; - }; - networking.hostName = "mastodon"; - networking.interfaces.wgbr.ipv4.addresses = [ - { - address = "10.8.1.6"; - prefixLength = 24; - } - ]; - imports = [ - ../../container_config.nix - ../../services/mastodon.nix - ]; -} diff --git a/configs/containers/cube/vikunja_container.nix b/configs/containers/cube/vikunja_container.nix deleted file mode 100644 index 7d1cec8..0000000 --- a/configs/containers/cube/vikunja_container.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, pkgs, config, ... }: -{ - deployment = { - targetHost = "192.168.178.107"; - targetPort = 22; - targetUser = "root"; - tags = [ "cube" ]; - }; - networking.hostName = "paperless"; - networking.interfaces.wgbr.ipv4.addresses = [ - { - address = "10.8.1.8"; - prefixLength = 24; - } - ]; - imports = [ - ../../container_config.nix - ../../services/vikunja.nix - ]; -} diff --git a/configs/containers/netcup_pve/mastodon_container.nix b/configs/containers/netcup_pve/mastodon_container.nix new file mode 100644 index 0000000..945abc2 --- /dev/null +++ b/configs/containers/netcup_pve/mastodon_container.nix @@ -0,0 +1,24 @@ +{ lib, pkgs, config, ... }: { + + deployment = { + targetHost = "10.0.0.4"; + targetPort = 22; + targetUser = "root"; + tags = [ "netcup_pve" ]; + }; + networking = { + hostName = "mastodon"; + interfaces.eth0 = { + ipAddress = "10.0.0.4"; + prefixLength = 32; + }; + defaultGateway = { + address = "10.0.0.254"; + interface = "eth0"; + }; + }; + imports = [ + ../../container_config.nix + ../../services/mastodon.nix + ]; +} diff --git a/configs/containers/netcup_pve/vikunja_container.nix b/configs/containers/netcup_pve/vikunja_container.nix new file mode 100644 index 0000000..b5f52b2 --- /dev/null +++ b/configs/containers/netcup_pve/vikunja_container.nix @@ -0,0 +1,24 @@ +{ lib, pkgs, config, ... }: +{ + deployment = { + targetHost = "10.0.0.5"; + targetPort = 22; + targetUser = "root"; + tags = [ "netcup_pve" ]; + }; + networking = { + hostName = "vikunja"; + interfaces.eth0 = { + ipAddress = "10.0.0.5"; + prefixLength = 32; + }; + defaultGateway = { + address = "10.0.0.254"; + interface = "eth0"; + }; + }; + imports = [ + ../../container_config.nix + ../../services/vikunja.nix + ]; +} diff --git a/configs/services/nginx.nix b/configs/services/nginx.nix index 61c4eb9..863f69a 100644 --- a/configs/services/nginx.nix +++ b/configs/services/nginx.nix @@ -2,6 +2,7 @@ { services.nginx = { enable = true; + recommendedProxySettings = true; virtualHosts = { "pve.infra.cdaut.de" = { @@ -18,6 +19,21 @@ proxyPass = "http://10.0.0.1:80"; }; }; + "puppyplaypissparty.de" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "https://10.0.0.4"; + extraConfig = "proxy_ssl_verify off;"; + }; + }; + "tasks.cdaut.de" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.0.0.5:3456"; + }; + }; }; }; diff --git a/flake.nix b/flake.nix index 741666f..906e772 100644 --- a/flake.nix +++ b/flake.nix @@ -12,19 +12,15 @@ specialArgs = { inherit inputs; }; }; - wireguard = import ./configs/containers/cube/wg_container.nix; - zammad = import ./configs/containers/cube/zammad_container.nix; forgejo = import ./configs/containers/cube/forgejo_container.nix; - mastodon = import ./configs/containers/cube/mastodon_container.nix; + mastodon = import ./configs/containers/netcup_pve/mastodon_container.nix; - vikunja = import ./configs/containers/cube/vikunja_container.nix; + vikunja = import ./configs/containers/netcup_pve/vikunja_container.nix; nginx = import ./configs/containers/netcup_pve/nginx_container.nix; - - wg_server = import ./configs/containers/netcup_pve/wg_server_container.nix; }; }; }