fix vikunja, mastodon and bit of refactoring

2025-11-15 23:47:42 +01:00 · 2025-11-15 23:47:42 +01:00 · 5eb540281d
commit 5eb540281d
parent 3fd6838367
7 changed files with 66 additions and 55 deletions
--- a/configs/container_config.nix
+++ b/configs/container_config.nix
@ -72,15 +72,6 @@
      enable = true;
      allowedTCPPorts = [ 22 ];
    };
-
-    # enable routing of wireguard reachable subnet via wgbr
-    interfaces.wgbr.ipv4.routes = lib.mkDefault [
-      {
-        address = "10.8.0.0";
-        prefixLength = 16;
-        via = "10.8.1.1";
-      }
-    ];
  };

  # enable ssh access
--- a/configs/containers/cube/mastodon_container.nix
+++ b/configs/containers/cube/mastodon_container.nix
@ -1,20 +0,0 @@
-{ lib, pkgs, config, ... }: {
-
-  deployment = {
-    targetHost = "192.168.178.81";
-    targetPort = 22;
-    targetUser = "root";
-    tags = [ "cube" ];
-  };
-  networking.hostName = "mastodon";
-  networking.interfaces.wgbr.ipv4.addresses = [
-    {
-      address = "10.8.1.6";
-      prefixLength = 24;
-    }
-  ];
-  imports = [
-    ../../container_config.nix
-    ../../services/mastodon.nix
-  ];
-}
--- a/configs/containers/cube/vikunja_container.nix
+++ b/configs/containers/cube/vikunja_container.nix
@ -1,20 +0,0 @@
-{ lib, pkgs, config, ... }:
-{
-  deployment = {
-    targetHost = "192.168.178.107";
-    targetPort = 22;
-    targetUser = "root";
-    tags = [ "cube" ];
-  };
-  networking.hostName = "paperless";
-  networking.interfaces.wgbr.ipv4.addresses = [
-    {
-      address = "10.8.1.8";
-      prefixLength = 24;
-    }
-  ];
-  imports = [
-    ../../container_config.nix
-    ../../services/vikunja.nix
-  ];
-}
--- a/configs/containers/netcup_pve/mastodon_container.nix
+++ b/configs/containers/netcup_pve/mastodon_container.nix
@ -0,0 +1,24 @@
+{ lib, pkgs, config, ... }: {
+
+  deployment = {
+    targetHost = "10.0.0.4";
+    targetPort = 22;
+    targetUser = "root";
+    tags = [ "netcup_pve" ];
+  };
+  networking = {
+    hostName = "mastodon";
+    interfaces.eth0 = {
+      ipAddress = "10.0.0.4";
+      prefixLength = 32;
+    };
+    defaultGateway = {
+      address = "10.0.0.254";
+      interface = "eth0";
+    };
+  };
+  imports = [
+    ../../container_config.nix
+    ../../services/mastodon.nix
+  ];
+}
--- a/configs/containers/netcup_pve/vikunja_container.nix
+++ b/configs/containers/netcup_pve/vikunja_container.nix
@ -0,0 +1,24 @@
+{ lib, pkgs, config, ... }:
+{
+  deployment = {
+    targetHost = "10.0.0.5";
+    targetPort = 22;
+    targetUser = "root";
+    tags = [ "netcup_pve" ];
+  };
+  networking = {
+    hostName = "vikunja";
+    interfaces.eth0 = {
+      ipAddress = "10.0.0.5";
+      prefixLength = 32;
+    };
+    defaultGateway = {
+      address = "10.0.0.254";
+      interface = "eth0";
+    };
+  };
+  imports = [
+    ../../container_config.nix
+    ../../services/vikunja.nix
+  ];
+}
--- a/configs/services/nginx.nix
+++ b/configs/services/nginx.nix
@ -2,6 +2,7 @@
 {
  services.nginx = {
    enable = true;
+    recommendedProxySettings = true;

    virtualHosts = {
      "pve.infra.cdaut.de" = {
@ -18,6 +19,21 @@
          proxyPass = "http://10.0.0.1:80";
        };
      };
+      "puppyplaypissparty.de" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "https://10.0.0.4";
+          extraConfig = "proxy_ssl_verify off;";
+        };
+      };
+      "tasks.cdaut.de" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "http://10.0.0.5:3456";
+        };
+      };
    };
  };