lightly-toasted/nix-config
1
0
Fork 0
mirror of https://github.com/lightly-toasted/nix-config.git synced 2025-12-10 03:49:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: lightly-toasted:04d4ac2a9e835780fcd5f3db50a96b401106fc43
Branches Tags
lightly-toasted:main
..
compare: lightly-toasted:10516f783a9857314b5a2fc2573d93a810512773
Branches Tags
lightly-toasted:main

4 commits
04d4ac2a9e ... 10516f783a

Author SHA1 Message Date
lightly-toasted
10516f783a feat(y2q): add restic rest-server 2025-12-08 19:02:14 +09:00
lightly-toasted
cee1c9bc5d feat(y2q): add caddy 
- Add a runit service for Caddy with a Caddyfile
- Update cloudflared runit service:
  - Add support for multiple subdomains using dynamic YAML generation
  - Each subdomain routes to Caddy running on localhost (port 8080)
 2025-12-08 17:14:57 +09:00
lightly-toasted
431847b59f feat(y2q): add stderr → stdout redirection for runit services with logging 2025-12-07 20:16:08 +09:00
lightly-toasted
fec6c21498 fix(y2q): mkdir main before runit svlogd 
- Create main directory before running svlogd
- Switch to svlogd -tt to add human-readable timestamps
 2025-12-07 20:03:44 +09:00
4 changed files with 66 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
home/modules/runit/default.nix
View file

@ -52,6 +52,7 @@
source .env
set +a
'' else "";
stderrToStdout = if sCfg.log.enable then "exec 2>&1" else "";
in
lib.mkMerge [
{
@ -59,6 +60,7 @@
"runit/services/${serviceName}/run" = {
text = ''
#!/usr/bin/env bash
${stderrToStdout}
${envExports}
${envFileSetup}
${sCfg.script}
@ -70,7 +72,8 @@
"runit/services/${serviceName}/log/run" = lib.mkIf sCfg.log.enable {
text = ''
#!/bin/sh
exec svlogd -t ./main
mkdir -p main
exec svlogd -tt ./main
'';
executable = true;
};

32
home/modules/runit/services/caddy.nix Normal file
View file

@ -0,0 +1,32 @@
{ pkgs, config, ... }:
{
home.file.".config/caddy/Caddyfile".text = ''
{
http_port 8080
https_port 8443
auto_https off
}
# Cloudflare Tunnel
http://gist.toast.name {
# Opengist
reverse_proxy http://localhost:${config.runit.services.opengist.environment.OG_HTTP_PORT}
}
# Tailscale
http://y2q.ts.toast.name {
# Glances
reverse_proxy http://localhost:61208
}
'';
runit.services.caddy = {
script = ''
exec ${pkgs.caddy}/bin/caddy run \
--config "$HOME/.config/caddy/Caddyfile" \
--adapter caddyfile
'';
log.enable = true;
};
}

14
home/modules/runit/services/cloudflared.nix
View file

@ -1,7 +1,10 @@
{ pkgs, config, rootPath, ... }:
{ pkgs, config, rootPath, lib, ... }:
let
tunnel = "cb0d9c2c-48f9-4bca-9e81-ef92423c5afa";
subdomains = [
"gist.toast.name"
];
in
{
home.file.".cloudflared/${tunnel}.json".source = rootPath + /secrets/gitcrypt/cloudflared/${tunnel}.json;
@ -11,10 +14,11 @@ in
credentials-file: ${config.home.homeDirectory}/.cloudflared/${tunnel}.json
ingress:
- hostname: gist.toast.name
service: http://${config.runit.services.opengist.environment.OG_HTTP_HOST}:${config.runit.services.opengist.environment.OG_HTTP_PORT}
- service: http_status:404
${lib.concatMapStringsSep "\n" (host: ''
${" "}- hostname: ${host}
${" "} service: http://localhost:80
'') subdomains}
${" "}- service: http_status:404
'';
runit.services.cloudflared = {

21
home/modules/runit/services/restic-rest-server.nix Normal file
View file

@ -0,0 +1,21 @@
{ pkgs, ... }:
{
runit.services.restic-rest-server = {
script = ''
DATA_DIR=$HOME/services/restic-rest-server
mkdir -p "$DATA_DIR"
exec ${pkgs.restic-rest-server}/bin/rest-server \
--listen "$LISTEN_ADDR" \
--log - \
--no-auth \
--path $DATA_DIR \
--prometheus --prometheus-no-auth
'';
environment = {
LISTEN_ADDR = "127.0.0.1:9000";
};
};
}