Attempt to use cloudflare tunnel through nginx
This commit is contained in:
parent
ff95e830d1
commit
ebcfef4bd3
|
@ -1,12 +1,17 @@
|
|||
{ config, lib, ... }:
|
||||
let port = 8418;
|
||||
let
|
||||
port = 8418;
|
||||
host = "bin.moonythm.dev";
|
||||
in
|
||||
{
|
||||
imports = [ ./cloudflared.nix ];
|
||||
|
||||
sops.secrets.microbin_env.sopsFile = ../secrets.yaml;
|
||||
|
||||
services.cloudflared.tunnels =
|
||||
config.satellite.cloudflared.proxy "bin.moonythm.dev" port;
|
||||
config.satellite.cloudflared.proxy host;
|
||||
services.nginx.virtualHosts.${host} =
|
||||
config.satellite.proxy port { };
|
||||
|
||||
services.microbin = {
|
||||
enable = true;
|
||||
|
|
|
@ -14,9 +14,9 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
config.satellite.cloudflared.proxy = from: port: {
|
||||
config.satellite.cloudflared.proxy = from: {
|
||||
${cfg.tunnel} = {
|
||||
ingress.${from} = "http://localhost:${toString port}";
|
||||
ingress.${from} = "http://localhost:443";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -5,46 +5,46 @@ $TTL 600 ; expiration time in ms
|
|||
; Main dns records
|
||||
|
||||
; Actual (tailscale internal) IPs
|
||||
lapetus.moonythm.dev IN A 100.93.136.59
|
||||
lapetus.moonythm.dev IN AAAA fd7a:115c:a1e0::e75d:883b
|
||||
lapetus IN A 100.93.136.59
|
||||
lapetus IN AAAA fd7a:115c:a1e0::e75d:883b
|
||||
|
||||
; lapetus services
|
||||
actual IN CNAME lapetus.moonythm.dev.
|
||||
api.intray IN CNAME lapetus.moonythm.dev.
|
||||
api.smos IN CNAME lapetus.moonythm.dev.
|
||||
cal IN CNAME lapetus.moonythm.dev.
|
||||
docs.smos IN CNAME lapetus.moonythm.dev.
|
||||
grafana IN CNAME lapetus.moonythm.dev.
|
||||
intray IN CNAME lapetus.moonythm.dev.
|
||||
irc IN CNAME lapetus.moonythm.dev.
|
||||
lab IN CNAME lapetus.moonythm.dev.
|
||||
lapetus.syncthing IN CNAME lapetus.moonythm.dev.
|
||||
media IN CNAME lapetus.moonythm.dev.
|
||||
prometheus IN CNAME lapetus.moonythm.dev.
|
||||
qbit IN CNAME lapetus.moonythm.dev.
|
||||
redlib IN CNAME lapetus.moonythm.dev.
|
||||
rss IN CNAME lapetus.moonythm.dev.
|
||||
search IN CNAME lapetus.moonythm.dev.
|
||||
smos IN CNAME lapetus.moonythm.dev.
|
||||
warden IN CNAME lapetus.moonythm.dev.
|
||||
yt IN CNAME lapetus.moonythm.dev.
|
||||
diptime IN CNAME lapetus.moonythm.dev.
|
||||
*.irc IN CNAME irc.moonythm.dev.
|
||||
actual IN CNAME lapetus
|
||||
api.intray IN CNAME lapetus
|
||||
api.smos IN CNAME lapetus
|
||||
cal IN CNAME lapetus
|
||||
docs.smos IN CNAME lapetus
|
||||
grafana IN CNAME lapetus
|
||||
intray IN CNAME lapetus
|
||||
irc IN CNAME lapetus
|
||||
lab IN CNAME lapetus
|
||||
lapetus.syncthing IN CNAME lapetus
|
||||
media IN CNAME lapetus
|
||||
prometheus IN CNAME lapetus
|
||||
qbit IN CNAME lapetus
|
||||
redlib IN CNAME lapetus
|
||||
rss IN CNAME lapetus
|
||||
search IN CNAME lapetus
|
||||
smos IN CNAME lapetus
|
||||
warden IN CNAME lapetus
|
||||
yt IN CNAME lapetus
|
||||
diptime IN CNAME lapetus
|
||||
*.irc IN CNAME irc
|
||||
|
||||
; Tunnel used by lapetus
|
||||
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
|
||||
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
|
||||
|
||||
; lapetus services using cloudflare tunnels
|
||||
bin IN CNAME tunnel.lapetus.moonythm.dev.
|
||||
bin IN CNAME tunnel.lapetus
|
||||
|
||||
; ==========================================================================================
|
||||
; Migadu mail setup
|
||||
|
||||
; Mail MX records
|
||||
orbit.moonythm.dev IN MX 10 aspmx1.migadu.com.
|
||||
orbit.moonythm.dev IN MX 20 aspmx2.migadu.com.
|
||||
moonythm.dev IN MX 10 aspmx1.migadu.com.
|
||||
moonythm.dev IN MX 20 aspmx2.migadu.com.
|
||||
orbit IN MX 10 aspmx1.migadu.com.
|
||||
orbit IN MX 20 aspmx2.migadu.com.
|
||||
@ IN MX 10 aspmx1.migadu.com.
|
||||
@ IN MX 20 aspmx2.migadu.com.
|
||||
|
||||
; Mail CNAME records
|
||||
key1._domainkey IN CNAME key1.moonythm.dev._domainkey.migadu.com.
|
||||
|
@ -55,9 +55,9 @@ key2._domainkey.orbit IN CNAME key2.orbit.moonythm.dev._domainkey.migadu.com.
|
|||
key3._domainkey.orbit IN CNAME key3.orbit.moonythm.dev._domainkey.migadu.com.
|
||||
|
||||
; Other mail stuff
|
||||
_dmarc.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
|
||||
_dmarc.orbit.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
|
||||
moonythm.dev IN TXT "hosted-email-verify=kfkhyexd"
|
||||
moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||
orbit.moonythm.dev IN TXT "hosted-email-verify=24s7lnum"
|
||||
orbit.moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||
_dmarc IN TXT "v=DMARC1; p=quarantine;"
|
||||
_dmarc.orbit IN TXT "v=DMARC1; p=quarantine;"
|
||||
@ IN TXT "hosted-email-verify=kfkhyexd"
|
||||
@ IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||
orbit IN TXT "hosted-email-verify=24s7lnum"
|
||||
orbit IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||
|
|
Loading…
Reference in a new issue