From 675017114b27d30c92ae013bee411e06c080c6a7 Mon Sep 17 00:00:00 2001 From: Julia Lange Date: Tue, 16 Sep 2025 19:13:56 -0700 Subject: [PATCH] Got it working! --- hosts/juri/host.nix | 8 ++++++++ hosts/juri/secrets.yaml | 12 ++++-------- nixosModules/services/caddy/service.nix | 4 ++-- 3 files changed, 14 insertions(+), 10 deletions(-) diff --git a/hosts/juri/host.nix b/hosts/juri/host.nix index 57c9a47..9f908bf 100644 --- a/hosts/juri/host.nix +++ b/hosts/juri/host.nix @@ -17,12 +17,14 @@ in { forgejoPassword = { owner = "forgejo"; }; + caddyApi = {}; }; }; caddy = { enable = true; adminEmail = email; + environmentFile = config.sops.secrets.caddyApi.path; vhosts = { "juri.woach.me" = { extraConfig = '' @@ -39,6 +41,12 @@ in { extraConfig = '' reverse_proxy :${builtins.toString config.headscale.server.port} ''; + serverAliases = [ "*.dns.ginko.woach.me" ]; + }; + "juri.${config.services.headscale.settings.dns.base_domain}" = { + extraConfig = '' + reverse_proxy :${builtins.toString config.fava.port} + ''; }; }; }; diff --git a/hosts/juri/secrets.yaml b/hosts/juri/secrets.yaml index 6800ced..145fe69 100644 --- a/hosts/juri/secrets.yaml +++ b/hosts/juri/secrets.yaml @@ -1,10 +1,7 @@ pdsEnv: ENC[AES256_GCM,data:W1kKvcntrBOSgo7gLxwO8A9ZkWjkRWfUDZUMy5YNvhzqYS5xBPGL4QEcknWtQaVfaZklnO/+Gr5JEq/qgU2nIEY3xazfjYl4MNkZBhuwI20RwZB9voVubzHbPwjLtZbNTXRMa7BzO6a3ieSudKWAMP0dumG3/+wHtTYOM6lxUBfpw51+lNikc7kLqI+lzys0jC37ajP0/cm/U644BD0ozSSF289CLtXSkLt8sgHvA1ci8M+wEEq4aJ0JTVs98m0E7Udaride4tjLelESx3hPdoVzBIEa,iv:sQiYE//UGGA2qPfbM9//FcKEued6t8ORiKW8kfzLtz0=,tag:Fj+CzBgL8MH/6FLnUadIPQ==,type:str] forgejoPassword: ENC[AES256_GCM,data:cQJJbf07v4HngeSYE2TwTcAx8WY=,iv:533TO2MfJVop93U4T7yIIiu6i4swDtduFuu79ZzFYFU=,tag:Pz5u/NqOSTKz2zFNzNLY5w==,type:str] +caddyApi: ENC[AES256_GCM,data:mWb/pMr1cxbz6K2ZQkV3AF93/GtIPZyYrJfDDbisK3GhMlWOVZNWDzw7cC/e+1w5aSxeGmOAE13eETVpV9q8W2Bjg8IADn/4j8Su90LxAr+U77pVoF0gUvv1CagEXM8myx+GgaAG80xIeSUNUMOMsgUhJTBoaMrVpHDEPREsa9XyRzEB4X3uQnKx4tUNcUqGSUu5wvMfXDF7rNzJhkVEfE6i,iv:h5QLei1PcZUc4djaqbId9VFv8Rr2dTa7CNowxZVlRUA=,tag:nBfyFVU/fBboswcVsGKL4A==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: - recipient: age1ey3wr2wnkgny3dfgvnyrf0cptwzr7s5x464p2y9ya58lpay8lfrsds3y68 enc: | @@ -33,8 +30,7 @@ sops: N3NhMHp3V1ppclQvWTIxNkM5RjhRV0EKl8goB9tCl0BGi4jN7Fzuh0Ajm146x2Hu vesj+ENu2E9II3OeYuBndD+Y4x2zugIpzNOPg1V8zkarJOf7R/sXEw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-24T19:31:53Z" - mac: ENC[AES256_GCM,data:5FVSw5wMXRl4qZQmD4yS7g/9qztaveDiU7mgifiOhOBqQrtvv5I/V7rkb5nKew+N3vKmg4vpWBL4kFxsQvWekAPT+ToNED4XhB5H5wZ/RyXga0CU0PMKWtGdEKdyjs4cIZjfScclW0ONgaSkv6XtCLj1V+ukPY3WBI3/2jnf6dA=,iv:7p1qEG1+E7SNLv64/aqjm1ppF4jQ/5h+Z5iHzd8sGDA=,tag:hG59vDcqha1MQf+kN1jguw==,type:str] - pgp: [] + lastmodified: "2025-09-17T01:49:06Z" + mac: ENC[AES256_GCM,data:THEyH3KP9VVFiP7NAPn693dolWIWByb3wSjwC9QLSTe3cgdJbFqa5GvVzFa6xM1ue/GYStMwYIZt0+3LP5Wz5B2KWNy2ljvgFXjzlDHxSOzkWi3/yP9fnuRyf0vujW2Q0ltkXMleyKSisZCD87FjuUz1J9LBYQP64e0mhyB5jL4=,iv:WUDt4AusjrQVhDFk/XSohBlmxjp6Dp6EoMe08yQ0RYg=,tag:LC2j1Bvgo7h29O9mmgIFCw==,type:str] unencrypted_suffix: _unencrypted - version: 3.9.4 + version: 3.10.2 diff --git a/nixosModules/services/caddy/service.nix b/nixosModules/services/caddy/service.nix index 4cfb6d2..e24f701 100644 --- a/nixosModules/services/caddy/service.nix +++ b/nixosModules/services/caddy/service.nix @@ -19,8 +19,8 @@ } ''; package = pkgs.caddy.withPlugins { - plugins = [ "github.com/caddy-dns/porkbun@0.3.1" ]; - hash = ""; + plugins = [ "github.com/caddy-dns/porkbun@v0.3.1" ]; + hash = "sha256-g/Nmi4X/qlqqjY/zoG90iyP5Y5fse6Akr8exG5Spf08="; }; virtualHosts = config.caddy.vhosts; email = config.caddy.adminEmail;