From b69bc4d5ae5fa40267b096ffa959e4f44e165837 Mon Sep 17 00:00:00 2001 From: baduhai Date: Tue, 20 Dec 2022 14:25:48 -0300 Subject: [PATCH] Cleaned up hosted services --- hosts/servers/alexandria/hosted-services.nix | 110 ++----------------- 1 file changed, 8 insertions(+), 102 deletions(-) diff --git a/hosts/servers/alexandria/hosted-services.nix b/hosts/servers/alexandria/hosted-services.nix index d1964ff..0854df7 100644 --- a/hosts/servers/alexandria/hosted-services.nix +++ b/hosts/servers/alexandria/hosted-services.nix @@ -31,51 +31,7 @@ oci-containers = { backend = "docker"; containers = { -# "traefik" = { # Reverse proxy -# image = "docker.io/traefik:v2.8"; -# cmd = [ -# "--api" -# "--providers.docker=true" # Enable the docker traefik provider -# "--providers.docker.exposedbydefault=false" -# "--api.dashboard=true" # Enable the Trafik dashboard -# "--certificatesresolvers.letsencrypt.acme.dnschallenge=true" # Enable dns challenge -# "--certificatesresolvers.letsencrypt.acme.email=baduhai@baduhai.me" # Dummy email -# "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" -# "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare" # Cloudflare has my dns records -# "--certificatesresolvers.letsencrypt.acme.dnschallenge.resolvers=100.100.100.100:53" # Use tailscale as dns resolver -# "--entrypoints.web.address=:80" # Listen on port 80 -# "--entrypoints.web.http.redirections.entrypoint.to=websecure" # Redirect all http trafic to https -# "--entrypoints.web.http.redirections.entrypoint.scheme=https" # Redirect all http trafic to https -# "--entrypoints.websecure.address=:443" # Redirect all http trafic to https -# "--entrypoints.websecure.http.tls=true" # Enable tls -# "--entrypoints.websecure.http.tls.certResolver=letsencrypt" # Use letsencrypt for tls -# "--entrypoints.websecure.http.tls.domains[0].main=baduhai.me" # tls for top-level domain -# "--entrypoints.websecure.http.tls.domains[0].sans=*.baduhai.me" # tls for sub-domains -# "--global.sendAnonymousUsage=false" # Stop traefik from reporting usage data -# "--global.checkNewVersion=false" # Don't check for new versions -# ]; -# environment = { # Transfer to secret environmentFiles once I have a proper secrets solution -# CLOUDFLARE_EMAIL = "haiwilliam0@gmail.com"; -# CLOUDFLARE_DNS_API_TOKEN = "_zorlWkGYhCBrxn3g82pqOOiy9XULTdP2j7VoMVK"; -# }; -# volumes = [ -# "/var/run/docker.sock:/var/run/docker.sock:ro" -# "/data/traefik/certs:/letsencrypt" -# ]; -# ports = [ -# "80:80" -# "443:443" -# ]; -# extraOptions = [ -# "--pull=always" -# "--label=traefik.enable=true" -# "--label=traefik.http.routers.traefik.service=api@internal" -# "--label=traefik.http.routers.traefik.entrypoints=websecure" -# "--label=traefik.http.routers.traefik.tls.certresolver=letsencrypt" -# "--label=traefik.http.routers.traefik.rule=Host(`traefik.baduhai.me`)" -# ]; -# }; - "homarr" = { # Dashboard + "homarr" = { image = "ghcr.io/ajnart/homarr:latest"; volumes = [ "/data/homarr/configs:/app/data/configs" @@ -86,14 +42,9 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.homarr.entrypoints=websecure" - "--label=traefik.http.routers.homarr.tls.certresolver=letsencrypt" - "--label=traefik.http.services.homarr.loadbalancer.server.port=7575" - "--label=traefik.http.routers.homarr.rule=Host(`baduhai.me`)" ]; }; - "changedetection" = { # Detect changes in webpages + "changedetection" = { image = "lscr.io/linuxserver/changedetection.io:latest"; environment = { PUID = "1000"; @@ -109,25 +60,15 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.detect.entrypoints=websecure" - "--label=traefik.http.routers.detect.tls.certresolver=letsencrypt" - "--label=traefik.http.services.detect.loadbalancer.server.port=5000" - "--label=traefik.http.routers.detect.rule=Host(`detect.baduhai.me`)" ]; }; - "cinny" = { # Cinny matrix client + "cinny" = { image = "ghcr.io/cinnyapp/cinny:latest"; ports = [ "8002:80" ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.cinny.entrypoints=websecure" - "--label=traefik.http.routers.cinny.tls.certresolver=letsencrypt" - "--label=traefik.http.services.cinny.loadbalancer.server.port=80" - "--label=traefik.http.routers.cinny.rule=Host(`cinny.baduhai.me`)" ]; }; "jellyfin" = { @@ -149,14 +90,9 @@ extraOptions = [ "--pull=always" "--device=/dev/dri:/dev/dri" - "--label=traefik.enable=true" - "--label=traefik.http.routers.jellyfin.entrypoints=websecure" - "--label=traefik.http.routers.jellyfin.tls.certresolver=letsencrypt" - "--label=traefik.http.services.jellyfin.loadbalancer.server.port=8096" - "--label=traefik.http.routers.jellyfin.rule=Host(`jellyfin.baduhai.me`)" ]; }; - "librespeed" = { # Speedtest + "librespeed" = { image = "lscr.io/linuxserver/librespeed:latest"; environment = { TZ = "Europe/Berlin"; @@ -166,14 +102,9 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.librespeed.entrypoints=websecure" - "--label=traefik.http.routers.librespeed.tls.certresolver=letsencrypt" - "--label=traefik.http.services.librespeed.loadbalancer.server.port=80" - "--label=traefik.http.routers.librespeed.rule=Host(`librespeed.baduhai.me`)" ]; }; - "paperless" = { # Digital document manager + "paperless" = { image = "lscr.io/linuxserver/paperless-ngx:latest"; environment = { PUID = "1000"; @@ -193,11 +124,6 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.paperless.entrypoints=websecure" - "--label=traefik.http.routers.paperless.tls.certresolver=letsencrypt" - "--label=traefik.http.services.paperless.loadbalancer.server.port=8000" - "--label=traefik.http.routers.paperless.rule=Host(`paperless.baduhai.me`)" ]; }; "pyload" = { # Download manager @@ -217,14 +143,9 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.pyload.entrypoints=websecure" - "--label=traefik.http.routers.pyload.tls.certresolver=letsencrypt" - "--label=traefik.http.services.pyload.loadbalancer.server.port=8000" - "--label=traefik.http.routers.pyload.rule=Host(`pyload.baduhai.me`)" ]; }; - "shiori" = { # Bookmark manager + "shiori" = { image = "docker.io/nicholaswilde/shiori:latest"; environment = { TZ = "Europe/Berlin"; @@ -240,14 +161,9 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.shiori.entrypoints=websecure" - "--label=traefik.http.routers.shiori.tls.certresolver=letsencrypt" - "--label=traefik.http.services.shiori.loadbalancer.server.port=8080" - "--label=traefik.http.routers.shiori.rule=Host(`shiori.baduhai.me`)" ]; }; - "syncthing" = { # P2P file synchronisation + "syncthing" = { image = "lscr.io/linuxserver/syncthing:1.20.4"; environment = { PUID = "1000"; @@ -267,14 +183,9 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.syncthing.entrypoints=websecure" - "--label=traefik.http.routers.syncthing.tls.certresolver=letsencrypt" - "--label=traefik.http.services.syncthing.loadbalancer.server.port=8384" - "--label=traefik.http.routers.syncthing.rule=Host(`sync.baduhai.me`)" ]; }; - "whoogle" = { # Anonymised google search + "whoogle" = { image = "benbusby/whoogle-search:latest"; environment = { HTTPS_ONLY = "1"; @@ -290,11 +201,6 @@ ]; extraOptions = [ "--pull=always" - "--label=traefik.enable=true" - "--label=traefik.http.routers.whoogle.entrypoints=websecure" - "--label=traefik.http.routers.whoogle.tls.certresolver=letsencrypt" - "--label=traefik.http.services.whoogle.loadbalancer.server.port=5000" - "--label=traefik.http.routers.whoogle.rule=Host(`whoogle.baduhai.me`)" ]; }; };