feat: ddns and caddy server
parent
da55c99dc9
commit
7073225e85
|
@ -1,4 +1,5 @@
|
|||
{
|
||||
age.secrets.samsehu_NFSN_API_KEY.file = ./secrets/samsehu_NFSN_API_KEY.age;
|
||||
age.secrets.samsehu_NFSN_LOGIN.file = ./secrets/samsehu_NFSN_LOGIN.age;
|
||||
age.secrets.samsehu_DUCK_DNS_TOKEN.file = ./secrets/samsehu_DUCK_DNS_TOKEN.age;
|
||||
}
|
||||
|
|
|
@ -141,6 +141,31 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Dynamic DNS through duck dns
|
||||
users.users.dynamicdns = {
|
||||
# allocates the `uid` in the range 100-999, which indicates to software like login managers that it should not be displayed to the user.
|
||||
isSystemUser = true;
|
||||
group = "dynamicdns";
|
||||
};
|
||||
users.groups.dynamicdns = {};
|
||||
systemd.services.dynamic-dns-updater = {
|
||||
serviceConfig.User = "dynamicdns";
|
||||
path = [ pkgs.curl ];
|
||||
script = "curl -o ~/duck.log --url-query domains=samsehuperli --url-query token@${config.age.secrets.samsehu_DUCK_DNS_TOKEN.path} https://www.duckdns.org/update";
|
||||
startAt = "hourly";
|
||||
};
|
||||
systemd.timers.dynamic-dns-updater = {
|
||||
timerConfig.RandomizedDelaySec = "15m";
|
||||
};
|
||||
|
||||
# Reverse proxy with Caddy
|
||||
services.caddy = {
|
||||
enable = true;
|
||||
virtualHosts."samsehu.perli.casa".extraConfig = ''
|
||||
respond "Hello, world!"
|
||||
'';
|
||||
};
|
||||
|
||||
# Enable automatic upgrades
|
||||
system.autoUpgrade.enable = true;
|
||||
system.autoUpgrade.allowReboot = true;
|
||||
|
@ -163,6 +188,10 @@
|
|||
# Blocky API
|
||||
4000
|
||||
|
||||
# Caddy HTTP and HTTPS
|
||||
80
|
||||
443
|
||||
|
||||
# Forgejo web interface
|
||||
3000
|
||||
|
||||
|
|
Binary file not shown.
|
@ -7,4 +7,5 @@ in
|
|||
{
|
||||
"samsehu_NFSN_API_KEY.age".publicKeys = geemili ++ [ samsehu ];
|
||||
"samsehu_NFSN_LOGIN.age".publicKeys = geemili ++ [ samsehu ];
|
||||
"samsehu_DUCK_DNS_TOKEN.age".publicKeys = geemili ++ [ samsehu ];
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue