chore: clean up unused options
This commit is contained in:
parent
0fa0d8d75c
commit
f6e929a2b1
8 changed files with 26 additions and 127 deletions
|
|
@ -1,5 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
modulesPath,
|
||||
|
|
@ -12,13 +11,6 @@
|
|||
./services
|
||||
];
|
||||
|
||||
options = {
|
||||
node = lib.mkOption {
|
||||
type = lib.types.attrs;
|
||||
default = { };
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
networking = {
|
||||
hostName = "weilite";
|
||||
|
|
@ -41,9 +33,6 @@
|
|||
comin.enable = true;
|
||||
network.localdns.enable = true;
|
||||
};
|
||||
node = {
|
||||
mediaDir = "/mnt/nixos/media";
|
||||
};
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
|
|
@ -144,11 +133,6 @@
|
|||
];
|
||||
};
|
||||
|
||||
services.openssh.ports = [
|
||||
22
|
||||
2222
|
||||
];
|
||||
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
caddy:
|
||||
cf_dns_token: ENC[AES256_GCM,data:7PvP3oYMZ3dAeWaJNiuvEweUf3psDhyu90FT6cP0/AIOa0E40sdIRQ==,iv:IIYnZ35xAm9JJa14oHJi+ddI0u7Pgc4MfPLnKT4IlPc=,tag:V1PGZpaVzdN2cLpktbvTnA==,type:str]
|
||||
dnspod_dns_token: ENC[AES256_GCM,data:ATed7RqLu1u06B61Irhd4SCzjK/Z823ygAgzROsNixZ2rExpB/Xo,iv:L121CGA+iZhn9V6mG2qEu3FI91/s7JO3cVTAwmAeqGw=,tag:l/7MXMZNqgFBwgCCMeZR2A==,type:str]
|
||||
huawei_dns_access_key: ENC[AES256_GCM,data:3y9Sl9RDJlRkgTsctH8O4gRAcAU=,iv:2e03AKVniVYFyHV6KB00I/Y1rHD0Ira6kgly7zDqNT0=,tag:w6j1g329XIOrvshx7Ft7aA==,type:str]
|
||||
huawei_dns_secret_key: ENC[AES256_GCM,data:or4WW7uFvbIoUwh1G63YDQxTFUnkkYrDJG0HEqoKzOSV+8rqy9cHrA==,iv:wB+TT8bh7jhN0ppJ3pqh882cs6RczpOtxKuYuyjRhMY=,tag:GlTSuYeGrGY/3b0g7IbLzw==,type:str]
|
||||
immich:
|
||||
oauth_client_secret: ENC[AES256_GCM,data:EFs2hPjGMj0idwY3oQVIDTOIWkdwoAoAVjDQE9Z2eAKzUDH3grmYpYE+33V8d/Ux,iv:A9cjwFr/ZqltG62/N8MQ1LhdDbSIVVAqIPVB492zYJw=,tag:VTTtE697BZTVsI32UF53/w==,type:str]
|
||||
auto_stack_apikey: ENC[AES256_GCM,data:pormMdxkevrw1sJrmVtD+jEbfQFTOHeyZRepZt2roftjDYAdbzpppg==,iv:wumPYaTAfU+J0MD6yOFKmxY8eDMzwqVsd3IUXyTfk0A=,tag:54HlWH3iKyWG2Gv9QS/wLA==,type:str]
|
||||
|
|
@ -16,10 +17,6 @@ webdav:
|
|||
photosync:
|
||||
password: ENC[AES256_GCM,data:s+omleBtVALG5bpbTnlzbwBj0oCZX8Dm8IbcUV6COnI=,iv:vwCs3ujmCcE87rl91ZtOEAgSQF1/0t17/7/0UM4x8fE=,tag:ylw76CX9SCylWoJt86rmjg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1uw059wcwfvd9xuj0hpqzqpeg7qemecspjrsatg37wc7rs2pumfdsgken0c
|
||||
enc: |
|
||||
|
|
@ -39,8 +36,7 @@ sops:
|
|||
V0thRjU4WGpQRGFpcnoxSjZTZHhTTkUKzNMHh9p7GUY3hL5XZ9S4x20CwaItsXFV
|
||||
RKujsFVVBd8Kuq/jyOCBTRCscuHI4LW/wYeZYHFEZFSTK2liAqspgw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-04-06T14:28:44Z"
|
||||
mac: ENC[AES256_GCM,data:tYAhkwRs2CFOUCw3Iuq6T5C+QkbpSz80fI6CP65VyFrNiej9hshmjngPnf8bFElF+bHI64a/zpo2y4CqV213011tOX2YYvLD5zrAQb18rBFUdJblY5wQyx/DXiPaIf5jK6WGHIRaOmqZJuqXKrQKnf99N12JydXjt6usBGGZr8M=,iv:wySf7lctw14iUbKo5fDu+p6TMY5QXGYYmBukh2qb19I=,tag:pZrnFiNZEK01pnDN0+1Rcw==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-05-08T13:07:05Z"
|
||||
mac: ENC[AES256_GCM,data:19bgXUH6rhQLin0RO0F5pgqzNIzHq5x+oSpIscbDimRvUhnvalMX6KSmbVgrHeNHrx4n3MpwI65Z+/6eeiR0Y6O2MOv49580UVKIEEP/yAPd3tbOW28/WsNp7MMhtF1Fx6o/rirV+H4vkvzq9+/z3tHO2MMjh9LeLcFB36b8ZD8=,iv:lU9o59P8BS1Azd0lVRtq8d3yNau54J9attOEiC32E4E=,tag:zUawHckwaXSxc7RWimVPUQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.9.4
|
||||
version: 3.10.2
|
||||
|
|
|
|||
|
|
@ -6,14 +6,19 @@
|
|||
owner = "caddy";
|
||||
mode = "400";
|
||||
};
|
||||
"caddy/dnspod_dns_token" = {
|
||||
"caddy/huawei_dns_access_key" = {
|
||||
owner = "caddy";
|
||||
mode = "400";
|
||||
};
|
||||
"caddy/huawei_dns_secret_key" = {
|
||||
owner = "caddy";
|
||||
mode = "400";
|
||||
};
|
||||
};
|
||||
templates."caddy.env".content = ''
|
||||
CF_API_TOKEN=${config.sops.placeholder."caddy/cf_dns_token"}
|
||||
DNSPOD_API_TOKEN=${config.sops.placeholder."caddy/dnspod_dns_token"}
|
||||
HUAWEICLOUD_ACCESS_KEY=${config.sops.placeholder."caddy/huawei_dns_access_key"}
|
||||
HUAWEICLOUD_SECRET_KEY=${config.sops.placeholder."caddy/huawei_dns_secret_key"}
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
@ -22,28 +27,25 @@
|
|||
acmeCF = "tls {
|
||||
dns cloudflare {env.CF_API_TOKEN}
|
||||
}";
|
||||
acmeDnspod = "tls {
|
||||
dns dnspod {env.DNSPOD_API_TOKEN}
|
||||
acmeHuawei = "tls {
|
||||
dns huaweicloud {
|
||||
access_key_id {env.HUAWEICLOUD_ACCESS_KEY}
|
||||
secret_access_key {env.HUAWEICLOUD_SECRET_KEY}
|
||||
}
|
||||
}";
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
package = pkgs.caddy.withPlugins {
|
||||
plugins = [
|
||||
"github.com/caddy-dns/cloudflare@v0.0.0-20240703190432-89f16b99c18e"
|
||||
"github.com/caddy-dns/dnspod@v0.0.4"
|
||||
"github.com/caddy-dns/cloudflare@v0.2.1"
|
||||
];
|
||||
hash = "sha256-/BxdY36MZriRNhh3peU+XjYRAuuYiKhLY+RwO45Q2Ws=";
|
||||
hash = "sha256-saKJatiBZ4775IV2C5JLOmZ4BwHKFtRZan94aS5pO90=";
|
||||
};
|
||||
virtualHosts."derper00.namely.icu:8443".extraConfig = ''
|
||||
${acmeDnspod}
|
||||
${acmeCF}
|
||||
reverse_proxy 127.0.0.1:${toString config.services.tailscale.derper.port}
|
||||
'';
|
||||
# API Token must be added in systemd environment file
|
||||
virtualHosts."immich.xinyang.life:8000".extraConfig = ''
|
||||
${acmeDnspod}
|
||||
reverse_proxy 127.0.0.1:${toString config.services.immich.port}
|
||||
'';
|
||||
virtualHosts."immich.xiny.li:8443".extraConfig = ''
|
||||
${acmeCF}
|
||||
reverse_proxy 127.0.0.1:${toString config.services.immich.port}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue