Attempt to use cloudflare tunnel through nginx
This commit is contained in:
parent
ff95e830d1
commit
ebcfef4bd3
SSH key fingerprint:
SHA256:UUF9JT2s8Xfyv76b8ZuVL7XrmimH4o49p4b+iexbVH4
|
|
@ -1,12 +1,17 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let port = 8418;
|
let
|
||||||
|
port = 8418;
|
||||||
|
host = "bin.moonythm.dev";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ ./cloudflared.nix ];
|
imports = [ ./cloudflared.nix ];
|
||||||
|
|
||||||
sops.secrets.microbin_env.sopsFile = ../secrets.yaml;
|
sops.secrets.microbin_env.sopsFile = ../secrets.yaml;
|
||||||
|
|
||||||
services.cloudflared.tunnels =
|
services.cloudflared.tunnels =
|
||||||
config.satellite.cloudflared.proxy "bin.moonythm.dev" port;
|
config.satellite.cloudflared.proxy host;
|
||||||
|
services.nginx.virtualHosts.${host} =
|
||||||
|
config.satellite.proxy port { };
|
||||||
|
|
||||||
services.microbin = {
|
services.microbin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
||||||
|
|
@ -14,9 +14,9 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config.satellite.cloudflared.proxy = from: port: {
|
config.satellite.cloudflared.proxy = from: {
|
||||||
${cfg.tunnel} = {
|
${cfg.tunnel} = {
|
||||||
ingress.${from} = "http://localhost:${toString port}";
|
ingress.${from} = "http://localhost:443";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,46 +5,46 @@ $TTL 600 ; expiration time in ms
|
||||||
; Main dns records
|
; Main dns records
|
||||||
|
|
||||||
; Actual (tailscale internal) IPs
|
; Actual (tailscale internal) IPs
|
||||||
lapetus.moonythm.dev IN A 100.93.136.59
|
lapetus IN A 100.93.136.59
|
||||||
lapetus.moonythm.dev IN AAAA fd7a:115c:a1e0::e75d:883b
|
lapetus IN AAAA fd7a:115c:a1e0::e75d:883b
|
||||||
|
|
||||||
; lapetus services
|
; lapetus services
|
||||||
actual IN CNAME lapetus.moonythm.dev.
|
actual IN CNAME lapetus
|
||||||
api.intray IN CNAME lapetus.moonythm.dev.
|
api.intray IN CNAME lapetus
|
||||||
api.smos IN CNAME lapetus.moonythm.dev.
|
api.smos IN CNAME lapetus
|
||||||
cal IN CNAME lapetus.moonythm.dev.
|
cal IN CNAME lapetus
|
||||||
docs.smos IN CNAME lapetus.moonythm.dev.
|
docs.smos IN CNAME lapetus
|
||||||
grafana IN CNAME lapetus.moonythm.dev.
|
grafana IN CNAME lapetus
|
||||||
intray IN CNAME lapetus.moonythm.dev.
|
intray IN CNAME lapetus
|
||||||
irc IN CNAME lapetus.moonythm.dev.
|
irc IN CNAME lapetus
|
||||||
lab IN CNAME lapetus.moonythm.dev.
|
lab IN CNAME lapetus
|
||||||
lapetus.syncthing IN CNAME lapetus.moonythm.dev.
|
lapetus.syncthing IN CNAME lapetus
|
||||||
media IN CNAME lapetus.moonythm.dev.
|
media IN CNAME lapetus
|
||||||
prometheus IN CNAME lapetus.moonythm.dev.
|
prometheus IN CNAME lapetus
|
||||||
qbit IN CNAME lapetus.moonythm.dev.
|
qbit IN CNAME lapetus
|
||||||
redlib IN CNAME lapetus.moonythm.dev.
|
redlib IN CNAME lapetus
|
||||||
rss IN CNAME lapetus.moonythm.dev.
|
rss IN CNAME lapetus
|
||||||
search IN CNAME lapetus.moonythm.dev.
|
search IN CNAME lapetus
|
||||||
smos IN CNAME lapetus.moonythm.dev.
|
smos IN CNAME lapetus
|
||||||
warden IN CNAME lapetus.moonythm.dev.
|
warden IN CNAME lapetus
|
||||||
yt IN CNAME lapetus.moonythm.dev.
|
yt IN CNAME lapetus
|
||||||
diptime IN CNAME lapetus.moonythm.dev.
|
diptime IN CNAME lapetus
|
||||||
*.irc IN CNAME irc.moonythm.dev.
|
*.irc IN CNAME irc
|
||||||
|
|
||||||
; Tunnel used by lapetus
|
; Tunnel used by lapetus
|
||||||
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
|
tunnel.lapetus IN CNAME 347d9ead-a523-4f8b-bca7-3066e31e2952.cfargotunnel.com
|
||||||
|
|
||||||
; lapetus services using cloudflare tunnels
|
; lapetus services using cloudflare tunnels
|
||||||
bin IN CNAME tunnel.lapetus.moonythm.dev.
|
bin IN CNAME tunnel.lapetus
|
||||||
|
|
||||||
; ==========================================================================================
|
; ==========================================================================================
|
||||||
; Migadu mail setup
|
; Migadu mail setup
|
||||||
|
|
||||||
; Mail MX records
|
; Mail MX records
|
||||||
orbit.moonythm.dev IN MX 10 aspmx1.migadu.com.
|
orbit IN MX 10 aspmx1.migadu.com.
|
||||||
orbit.moonythm.dev IN MX 20 aspmx2.migadu.com.
|
orbit IN MX 20 aspmx2.migadu.com.
|
||||||
moonythm.dev IN MX 10 aspmx1.migadu.com.
|
@ IN MX 10 aspmx1.migadu.com.
|
||||||
moonythm.dev IN MX 20 aspmx2.migadu.com.
|
@ IN MX 20 aspmx2.migadu.com.
|
||||||
|
|
||||||
; Mail CNAME records
|
; Mail CNAME records
|
||||||
key1._domainkey IN CNAME key1.moonythm.dev._domainkey.migadu.com.
|
key1._domainkey IN CNAME key1.moonythm.dev._domainkey.migadu.com.
|
||||||
|
|
@ -55,9 +55,9 @@ key2._domainkey.orbit IN CNAME key2.orbit.moonythm.dev._domainkey.migadu.com.
|
||||||
key3._domainkey.orbit IN CNAME key3.orbit.moonythm.dev._domainkey.migadu.com.
|
key3._domainkey.orbit IN CNAME key3.orbit.moonythm.dev._domainkey.migadu.com.
|
||||||
|
|
||||||
; Other mail stuff
|
; Other mail stuff
|
||||||
_dmarc.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
|
_dmarc IN TXT "v=DMARC1; p=quarantine;"
|
||||||
_dmarc.orbit.moonythm.dev IN TXT "v=DMARC1; p=quarantine;"
|
_dmarc.orbit IN TXT "v=DMARC1; p=quarantine;"
|
||||||
moonythm.dev IN TXT "hosted-email-verify=kfkhyexd"
|
@ IN TXT "hosted-email-verify=kfkhyexd"
|
||||||
moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
|
@ IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||||
orbit.moonythm.dev IN TXT "hosted-email-verify=24s7lnum"
|
orbit IN TXT "hosted-email-verify=24s7lnum"
|
||||||
orbit.moonythm.dev IN TXT "v=spf1 include:spf.migadu.com -all"
|
orbit IN TXT "v=spf1 include:spf.migadu.com -all"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue