{pkgs, ...}: { networking.firewall = { allowedTCPPorts = [ 80 443 6167 22 25565 23343 ]; allowedUDPPorts = [ 25565 24454 23343 22232 ]; }; services.caddy = { enable = true; package = pkgs.caddy.withPlugins { plugins = [ "github.com/mholt/caddy-l4@v0.0.0-20251001194302-2e3e6cf60b25" ]; hash = "sha256-MTXqUeUI/P5GbritkrxgO6wYsV7axVhqPJLAibRX3dE="; }; email = "devin@devins.page"; virtualHosts = { "pds.devins.page" = { extraConfig = '' reverse_proxy http://100.108.47.83:3000 ''; }; "knot.devins.page" = { extraConfig = '' reverse_proxy http://100.108.47.83:5555 ''; }; "spindle.devins.page" = { extraConfig = '' reverse_proxy http://100.108.47.83:6555 ''; }; "navidrome.devins.page" = { extraConfig = '' reverse_proxy http://100.108.47.83:4533 ''; }; "jellyfin.devins.page" = { extraConfig = '' reverse_proxy http://100.108.47.83:8096 ''; }; "matrix.skywardmc.org" = { extraConfig = '' reverse_proxy http://100.108.47.83:6167 ''; }; "mautrix-discord.skywardmc.org" = { extraConfig = '' reverse_proxy http://100.108.47.83:29334 ''; }; }; globalConfig = '' layer4 { # tangled ssh :22 { @ssh ssh route @ssh { proxy { upstream 100.108.47.83:2222 } } } # mc server 1 :25565 { route { proxy { upstream 100.108.47.83:25565 } } } udp/:25565 { route { proxy { upstream udp/100.108.47.83:25565 } } } udp/:24454 { route { proxy { upstream udp/100.108.47.83:24454 } } } # mc server 2 :23343 { route { proxy { upstream 100.108.47.83:23343 } } } udp/:23343 { route { proxy { upstream udp/100.108.47.83:23343 } } } udp/:22232 { route { proxy { upstream udp/100.108.47.83:22232 } } } } ''; }; }