Custom octodns setup!

hosts/nixos/lapetus/services/forgejo.nix

@@ -1,17 +1,12 @@
 { lib, config, ... }:
-let
-  port = config.satellite.ports.forgejo;
-  host = "git.moonythm.dev";
-  cfg = config.services.forgejo;
-in
 {
   sops.secrets.forgejo_mail_password = {
     sopsFile = ../secrets.yaml;
-    owner = cfg.user;
-    group = cfg.group;
+    owner = config.services.forgejo.user;
+    group = config.services.forgejo.group;
   };
 
-  satellite.cloudflared.at.${host}.port = port;
+  satellite.cloudflared.at.git.port = config.satellite.ports.forgejo;
 
   services.forgejo = {
     enable = true;
@@ -30,9 +25,9 @@ in
       default.APP_NAME = "moonforge";
 
       server = {
-        DOMAIN = host;
-        HTTP_PORT = port;
-        ROOT_URL = "https://${host}";
+        DOMAIN = config.satellite.cloudflared.at.git.host;
+        HTTP_PORT = config.satellite.cloudflared.at.git.port;
+        ROOT_URL = config.satellite.cloudflared.at.git.host.url;
         LANDING_PAGE = "prescientmoon"; # Make my profile the landing page
       };
 

hosts/nixos/lapetus/services/homer.nix

@@ -55,7 +55,7 @@ in
               name = "Syncthing";
               subtitle = "File synchronization";
               logo = icon "syncthing.png";
-              url = "https://lapetus.syncthing.moonythm.dev";
+              url = "https://syncthing.lapetus.moonythm.dev";
             }
             {
               name = "Guacamole";

hosts/nixos/lapetus/services/jupyter.nix

@@ -18,7 +18,7 @@ in
 
   services.jupyterhub = {
     enable = true;
-    port = config.satellite.ports.jupyterhub;
+    port = config.satellite.cloudflared.at.jupyter.port;
 
     jupyterhubEnv = appEnv;
     jupyterlabEnv = appEnv;
@@ -71,7 +71,7 @@ in
   };
   # }}}
   # {{{ Networking & storage
-  satellite.cloudflared.at."jupyter.moonythm.dev".port = config.services.jupyterhub.port;
+  satellite.cloudflared.at.jupyter.port = config.services.jupyterhub.port;
 
   environment.persistence."/persist/state".directories = [
     "/var/lib/${config.services.jupyterhub.stateDirectory}"

hosts/nixos/lapetus/services/microbin.nix

@@ -1,11 +1,7 @@
 { config, lib, ... }:
-let
-  port = config.satellite.ports.microbin;
-  host = "bin.moonythm.dev";
-in
 {
   sops.secrets.microbin_env.sopsFile = ../secrets.yaml;
-  satellite.cloudflared.at.${host}.port = port;
+  satellite.cloudflared.at.bin.port = config.satellite.ports.microbin;
 
   services.microbin = {
     enable = true;
@@ -16,8 +12,8 @@ in
     settings = {
       # High level settings
       MICROBIN_ADMIN_USERNAME = "prescientmoon";
-      MICROBIN_PORT = toString port;
-      MICROBIN_PUBLIC_PATH = "https://bin.moonythm.dev/";
+      MICROBIN_PORT = toString config.satellite.cloudflared.at.bin.port;
+      MICROBIN_PUBLIC_PATH = config.satellite.cloudflared.at.bin.url;
       MICROBIN_DEFAULT_EXPIRY = "1week";
 
       # Disable online features

hosts/nixos/lapetus/services/pounce.nix

@@ -28,9 +28,22 @@ in
   # Configure pounce
   services.pounce = {
     enable = true;
-    externalHost = "irc.moonythm.dev";
-    bindHost = "irc.moonythm.dev";
+    externalHost = "irc.${config.satellite.dns.domain}";
+    bindHost = "irc.${config.satellite.dns.domain}";
     certDir = "/var/lib/acme/wildcard-irc.moonythm.dev";
     networks.tilde.config = config.sops.templates."pounce-tilde.cfg".path;
   };
+
+  satellite.dns.records = [
+    {
+      type = "CNAME";
+      at = "*.irc";
+      to = "irc";
+    }
+    {
+      type = "CNAME";
+      at = "irc";
+      to = config.networking.hostName;
+    }
+  ];
 }

hosts/nixos/lapetus/services/syncthing.nix

@@ -1,12 +0,0 @@
-{ config, ... }:
-let port = 8384;
-in
-{
-  services.syncthing = {
-    settings.folders = { };
-    guiAddress = "127.0.0.1:${toString port}";
-    settings.gui.insecureSkipHostcheck = true;
-  };
-
-  satellite.nginx.at."lapetus.syncthing".port = port;
-}