1
Fork 0

Attempt to use cloudflare tunnel through nginx

This commit is contained in:
prescientmoon 2024-05-10 19:43:00 +02:00
parent ff95e830d1
commit ebcfef4bd3
Signed by: prescientmoon
SSH key fingerprint: SHA256:UUF9JT2s8Xfyv76b8ZuVL7XrmimH4o49p4b+iexbVH4
3 changed files with 44 additions and 39 deletions

View file

@ -1,12 +1,17 @@
{ config, lib, ... }:
let port = 8418;
let
port = 8418;
host = "bin.moonythm.dev";
in
{
imports = [ ./cloudflared.nix ];
sops.secrets.microbin_env.sopsFile = ../secrets.yaml;
services.cloudflared.tunnels =
config.satellite.cloudflared.proxy "bin.moonythm.dev" port;
config.satellite.cloudflared.proxy host;
services.nginx.virtualHosts.${host} =
config.satellite.proxy port { };
services.microbin = {
enable = true;

View file

@ -14,9 +14,9 @@ in
};
};
config.satellite.cloudflared.proxy = from: port: {
config.satellite.cloudflared.proxy = from: {
${cfg.tunnel} = {
ingress.${from} = "http://localhost:${toString port}";
ingress.${from} = "http://localhost:443";
};
};
}

View file

@ -5,46 +5,46 @@ $TTL 600 ; expiration time in ms
; Main dns records
; Actual (tailscale internal) IPs
lapetus.moonythm.dev IN A 100.93.136.59
lapetus.moonythm.dev IN AAAA fd7a:115c:a1e0::e75d:883b
lapetus IN A 100.93.136.59
lapetus IN AAAA fd7a:115c:a1e0::e75d:883b
; lapetus services
actual IN CNAME lapetus.moonythm.dev.
api.intray IN CNAME lapetus.moonythm.dev.
api.smos IN CNAME lapetus.moonythm.dev.
cal IN CNAME lapetus.moonythm.dev.
docs.smos IN CNAME lapetus.moonythm.dev.
grafana IN CNAME lapetus.moonythm.dev.
intray IN CNAME lapetus.moonythm.dev.
irc IN CNAME lapetus.moonythm.dev.
lab IN CNAME lapetus.moonythm.dev.
lapetus.syncthing IN CNAME lapetus.moonythm.dev.
media IN CNAME lapetus.moonythm.dev.
prometheus IN CNAME lapetus.moonythm.dev.
qbit IN CNAME lapetus.moonythm.dev.
redlib IN CNAME lapetus.moonythm.dev.
rss IN CNAME lapetus.moonythm.dev.
search IN CNAME lapetus.moonythm.dev.
smos IN CNAME lapetus.moonythm.dev.
warden IN CNAME lapetus.moonythm.dev.
yt IN CNAME lapetus.moonythm.dev.
diptime IN CNAME lapetus.moonythm.dev.
*.irc IN CNAME irc.moonythm.dev.
actual IN CNAME lapetus
api.intray IN CNAME lapetus
api.smos IN CNAME lapetus
cal IN CNAME lapetus
docs.smos IN CNAME lapetus
grafana IN CNAME lapetus
intray IN CNAME lapetus
irc IN CNAME lapetus
lab IN CNAME lapetus
lapetus.syncthing IN CNAME lapetus
media IN CNAME lapetus
prometheus IN CNAME lapetus
qbit IN CNAME lapetus
redlib IN CNAME lapetus
rss IN CNAME lapetus
search IN CNAME lapetus
smos IN CNAME lapetus
warden IN CNAME lapetus
yt IN CNAME lapetus
diptime IN CNAME lapetus
*.irc IN CNAME irc
; Tunnel used by lapetus
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
; lapetus services using cloudflare tunnels
bin IN CNAME tunnel.lapetus.moonythm.dev.
bin IN CNAME tunnel.lapetus
; ==========================================================================================
; Migadu mail setup
; Mail MX records
orbit.moonythm.dev IN MX 10 aspmx1.migadu.com.
orbit.moonythm.dev IN MX 20 aspmx2.migadu.com.
moonythm.dev IN MX 10 aspmx1.migadu.com.
moonythm.dev IN MX 20 aspmx2.migadu.com.
orbit IN MX 10 aspmx1.migadu.com.
orbit IN MX 20 aspmx2.migadu.com.
@ IN MX 10 aspmx1.migadu.com.
@ IN MX 20 aspmx2.migadu.com.
; Mail CNAME records
key1._domainkey IN CNAME key1.moonythm.dev._domainkey.migadu.com.
@ -55,9 +55,9 @@ key2._domainkey.orbit IN CNAME key2.orbit.moonythm.dev._domainkey.migadu.com.
key3._domainkey.orbit IN CNAME key3.orbit.moonythm.dev._domainkey.migadu.com.
; Other mail stuff
_dmarc.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
_dmarc.orbit.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
moonythm.dev IN TXT "hosted-email-verify=kfkhyexd"
moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
orbit.moonythm.dev IN TXT "hosted-email-verify=24s7lnum"
orbit.moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
_dmarc IN TXT "v=DMARC1; p=quarantine;"
_dmarc.orbit IN TXT "v=DMARC1; p=quarantine;"
@ IN TXT "hosted-email-verify=kfkhyexd"
@ IN TXT "v=spf1 include:spf.migadu.com -all"
orbit IN TXT "hosted-email-verify=24s7lnum"
orbit IN TXT "v=spf1 include:spf.migadu.com -all"