hosts/bluepill-proxy/modules/caddy.nix at main

devins.page / flake
fork atom
configurations for my servers and desktops
nix nixos flake dots dotfiles
fork atom
flake / hosts / bluepill-proxy / modules / caddy.nix
at main 126 lines 2.6 kB view raw
wrap content
devins.page feat: public_address 12d ago
2aac0646
  1{pkgs, ...}: {
  2  networking.firewall = {
  3    allowedTCPPorts = [
  4      80
  5      443
  6      6167
  7
  8      22
  9      25565
 10      23343
 11    ];
 12    allowedUDPPorts = [
 13      25565
 14      24454
 15      23343
 16      22232
 17    ];
 18  };
 19
 20  services.caddy = {
 21    enable = true;
 22    package = pkgs.caddy.withPlugins {
 23      plugins = [
 24        "github.com/mholt/caddy-l4@v0.0.0-20251001194302-2e3e6cf60b25"
 25      ];
 26      hash = "sha256-MTXqUeUI/P5GbritkrxgO6wYsV7axVhqPJLAibRX3dE=";
 27    };
 28    email = "devin@devins.page";
 29    virtualHosts = {
 30      "pds.devins.page" = {
 31        extraConfig = ''
 32          reverse_proxy http://100.108.47.83:3000
 33        '';
 34      };
 35      "knot.devins.page" = {
 36        extraConfig = ''
 37          reverse_proxy http://100.108.47.83:5555
 38        '';
 39      };
 40      "spindle.devins.page" = {
 41        extraConfig = ''
 42          reverse_proxy http://100.108.47.83:6555
 43        '';
 44      };
 45      "navidrome.devins.page" = {
 46        extraConfig = ''
 47          reverse_proxy http://100.108.47.83:4533
 48        '';
 49      };
 50      "jellyfin.devins.page" = {
 51        extraConfig = ''
 52          reverse_proxy http://100.108.47.83:8096
 53        '';
 54      };
 55      "matrix.skywardmc.org" = {
 56        extraConfig = ''
 57          reverse_proxy http://100.108.47.83:6167
 58        '';
 59      };
 60      "mautrix-discord.skywardmc.org" = {
 61        extraConfig = ''
 62          reverse_proxy http://100.108.47.83:29334
 63        '';
 64      };
 65    };
 66    globalConfig = ''
 67      layer4 {
 68        # tangled ssh
 69        :22 {
 70          @ssh ssh
 71          route @ssh {
 72            proxy {
 73              upstream 100.108.47.83:2222
 74            }
 75          }
 76        }
 77
 78        # mc server 1
 79        :25565 {
 80          route {
 81            proxy {
 82              upstream 100.108.47.83:25565
 83            }
 84          }
 85        }
 86        udp/:25565 {
 87          route {
 88            proxy {
 89              upstream udp/100.108.47.83:25565
 90            }
 91          }
 92        }
 93        udp/:24454 {
 94          route {
 95            proxy {
 96              upstream udp/100.108.47.83:24454
 97            }
 98          }
 99        }
100
101        # mc server 2
102        :23343 {
103          route {
104            proxy {
105              upstream 100.108.47.83:23343
106            }
107          }
108        }
109        udp/:23343 {
110          route {
111            proxy {
112              upstream udp/100.108.47.83:23343
113            }
114          }
115        }
116        udp/:22232 {
117          route {
118            proxy {
119              upstream udp/100.108.47.83:22232
120            }
121          }
122        }
123      }
124    '';
125  };
126}