Matrix, Caddy

* Nginx to caddy (#5) Convert all nginx instances to caddy instances, setup acme as well * matrix implemented
2026-01-11 01:34:08 -05:00 · 2025-09-11 14:56:05 -04:00 · 2025-09-11 14:56:05 -04:00 · e0590ff20b
commit e0590ff20b
parent 742be942bb
25 changed files with 182 additions and 484 deletions
--- a/hosts/nixos/HandlerOne/backup.nix
+++ b/hosts/nixos/HandlerOne/backup.nix
@ -20,12 +20,11 @@ let
      # trilium.nix
      "/var/lib/trilium/backup"

-      # grocy
-      "/var/lib/grocy"
-
      # actualbudget
      "${volumePath}/actualbudget"

+      "/var/lib/tuwunel"
+
      # flamesites
      "${volumePath}/flamesites/swgalaxyproject"
      "${volumePath}/flamesites/nnsbluegrass"
--- a/hosts/nixos/HandlerOne/default.nix
+++ b/hosts/nixos/HandlerOne/default.nix
@ -43,7 +43,6 @@
      "modules/services/actualbudget"
      "modules/services/bar-assistant"
      "modules/services/frigate"
-      "modules/services/grocy"
      "modules/services/homebox"
      "modules/services/homepage"
      "modules/services/mqtt"
@ -52,10 +51,10 @@
      "modules/services/trilium"
      "modules/services/fail2ban"
      "modules/services/ntfy-sh"
-      "modules/services/ollama/nginx.nix" # Just host the nginx path back to Parzival
+      "modules/services/ollama/proxy.nix" # Just host the proxy path back to Parzival
      "modules/services/netbox"
      "modules/services/system-logging"
-      "modules/services/system-logging/nginx.nix"
+      "modules/services/system-logging/proxy.nix"
      "modules/services/matrix"
      "modules/services/flamesites"
    ])
@ -83,60 +82,63 @@
    };
  };

-  #FIXME(TODO) Migrate this into another file, probably a module
-  sops = {
-    secrets = {
-      "aws/access_key" = {};
-      "aws/secret_key" = {};
-      "aws/region" = {};
-    };
-    templates = {
-      "aws_shared_credentials".content = ''
-        [default]
-        aws_access_key_id=${config.sops.placeholder."aws/access_key"}
-        aws_secret_access_key=${config.sops.placeholder."aws/secret_key"}
-      '';
-      "aws_env".content = ''
-        AWS_REGION=${config.sops.placeholder."aws/region"}
-      '';
-    };
+  services.caddy = {
+    email = "infrastructure@wanderingcrow.net";
+    acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
  };

-  security.acme = {
-    acceptTerms = true;
-    defaults = {
-      email = "infrastructure@wanderingcrow.net";
-      group = config.services.nginx.group;
-      dnsProvider = "route53";
-      credentialFiles = {
-        "AWS_SHARED_CREDENTIALS_FILE" = config.sops.templates."aws_shared_credentials".path;
-      };
-      environmentFile = config.sops.templates."aws_env".path;
-    };
-    certs = {
-      "wanderingcrow.net" = {};
-      "umami.wanderingcrow.net" = {};
-      "garage.wanderingcrow.net" = {};
-      "bar.wanderingcrow.net" = {};
-      "home.wanderingcrow.net" = {};
-      "homebox.wanderingcrow.net" = {};
-      "cache.wanderingcrow.net" = {};
-      "openhab.wanderingcrow.net" = {};
-      "frigate.wanderingcrow.net" = {};
-      "notes.wanderingcrow.net" = {};
-      "grocy.wanderingcrow.net" = {};
-      "barcodebuddy.grocy.wanderingcrow.net" = {};
-      "budget.wanderingcrow.net" = {};
-      "matrix.wanderingcrow.net" = {};
-      "ta.wanderingcrow.net" = {};
-      "chat.wanderingcrow.net" = {};
-      "netbox.wanderingcrow.net" = {};
-      "notify.wanderingcrow.net" = {};
-      "logs.wanderingcrow.net" = {};
-      "psychal.link" = {};
-      # Sites I host for someone else
-      "swgalaxyproject.com" = {};
-      "nnsbluegrass.com" = {};
-    };
-  };
+  #FIXME(TODO) Migrate this into another file, probably a module
+  #sops = {
+  #  secrets = {
+  #    "aws/access_key" = {};
+  #    "aws/secret_key" = {};
+  #    "aws/region" = {};
+  #  };
+  #  templates = {
+  #    "aws_shared_credentials".content = ''
+  #      [default]
+  #      aws_access_key_id=${config.sops.placeholder."aws/access_key"}
+  #      aws_secret_access_key=${config.sops.placeholder."aws/secret_key"}
+  #    '';
+  #    "aws_env".content = ''
+  #      AWS_REGION=${config.sops.placeholder."aws/region"}
+  #    '';
+  #  };
+  #};
+
+  #security.acme = {
+  #  acceptTerms = true;
+  #  defaults = {
+  #    email = "infrastructure@wanderingcrow.net";
+  #    group = config.services.caddy.group;
+  #    dnsProvider = "route53";
+  #    credentialFiles = {
+  #      "AWS_SHARED_CREDENTIALS_FILE" = config.sops.templates."aws_shared_credentials".path;
+  #    };
+  #    environmentFile = config.sops.templates."aws_env".path;
+  #  };
+  #  certs = {
+  #    "wanderingcrow.net" = {};
+  #    "umami.wanderingcrow.net" = {};
+  #    "garage.wanderingcrow.net" = {};
+  #    "bar.wanderingcrow.net" = {};
+  #    "home.wanderingcrow.net" = {};
+  #    "homebox.wanderingcrow.net" = {};
+  #    "cache.wanderingcrow.net" = {};
+  #    "openhab.wanderingcrow.net" = {};
+  #    "frigate.wanderingcrow.net" = {};
+  #    "notes.wanderingcrow.net" = {};
+  #    "budget.wanderingcrow.net" = {};
+  #    "matrix.wanderingcrow.net" = {};
+  #    "ta.wanderingcrow.net" = {};
+  #    "chat.wanderingcrow.net" = {};
+  #    "netbox.wanderingcrow.net" = {};
+  #    "notify.wanderingcrow.net" = {};
+  #    "logs.wanderingcrow.net" = {};
+  #    "psychal.link" = {};
+  #    # Sites I host for someone else
+  #    "swgalaxyproject.com" = {};
+  #    "nnsbluegrass.com" = {};
+  #  };
+  #};
 }