torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
6184f4cbbb4282dce1a387f17b06724256daf7c8
nixos-servers/services/http-proxy/proxy.nix
Torjus Håkestad 6184f4cbbb
Some checks failed
Run nix flake check / flake-check (push) Has been cancelled
Details
monitoring02: enable alerting and migrate CNAMEs from http-proxy 
- Switch vmalert from blackhole mode to sending alerts to local
  Alertmanager
- Import alerttonotify service so alerts route to NATS notifications
- Move alertmanager and grafana CNAMEs from http-proxy to monitoring02
- Add monitoring CNAME to monitoring02
- Add Caddy reverse proxy entries for alertmanager and grafana
- Remove prometheus, alertmanager, and grafana Caddy entries from
  http-proxy (now served directly by monitoring02)
- Move monitoring02 Vault AppRole to hosts-generated.tf with
  extra_policies support and prometheus-metrics policy
- Update Promtail to use authenticated loki.home.2rjus.net endpoint
  only (remove unauthenticated monitoring01 client)
- Update pipe-to-loki and bootstrap to use loki.home.2rjus.net with
  basic auth from Vault secret
- Update migration plan with current status

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 21:22:33 +01:00

93 lines
2.1 KiB
Nix
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{ pkgs, ... }:
{
services.caddy = {
enable = true;
package = pkgs.unstable.caddy;
configFile = pkgs.writeText "Caddyfile" ''
{
acme_ca https://vault.home.2rjus.net:8200/v1/pki_int/acme/directory
metrics {
per_host
}
}
nzbget.home.2rjus.net {
log {
output file /var/log/caddy/nzbget.log {
mode 644
}
}
reverse_proxy http://nzbget-jail.home.2rjus.net:6789
}
radarr.home.2rjus.net {
log {
output file /var/log/caddy/radarr.log {
mode 644
}
}
reverse_proxy http://radarr-jail.home.2rjus.net:7878
}
sonarr.home.2rjus.net {
log {
output file /var/log/caddy/sonarr.log {
mode 644
}
}
reverse_proxy http://sonarr-jail.home.2rjus.net:8989
}
ha.home.2rjus.net {
log {
output file /var/log/caddy/ha.log {
mode 644
}
}
reverse_proxy http://ha1.home.2rjus.net:8123
}
z2m.home.2rjus.net {
log {
output file /var/log/caddy/z2m.log {
mode 644
}
}
reverse_proxy http://ha1.home.2rjus.net:8080
}
jelly.home.2rjus.net {
log {
output file /var/log/caddy/jelly.log {
mode 644
}
}
reverse_proxy http://jelly01.home.2rjus.net:8096
}
pyroscope.home.2rjus.net {
log {
output file /var/log/caddy/pyroscope.log {
mode 644
}
}
reverse_proxy http://monitoring01.home.2rjus.net:4040
}
pushgw.home.2rjus.net {
log {
output file /var/log/caddy/pushgw.log {
mode 644
}
}
reverse_proxy http://monitoring01.home.2rjus.net:9091
}
http://http-proxy.home.2rjus.net/metrics {
log {
output file /var/log/caddy/caddy-metrics.log {
mode 644
}
}
metrics
}
'';
};
}
Reference in New Issue View Git Blame Copy Permalink