From fec6c214983f245bed2d21f807899cd110f313a8 Mon Sep 17 00:00:00 2001
From: lightly-toasted <tooast@duck.com>
Date: Sun, 7 Dec 2025 20:03:44 +0900
Subject: [PATCH 1/4] fix(y2q): mkdir main before runit svlogd

- Create main directory before running svlogd
- Switch to svlogd -tt to add human-readable timestamps
---
 home/modules/runit/default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/home/modules/runit/default.nix b/home/modules/runit/default.nix
index 314d107..85be181 100644
--- a/home/modules/runit/default.nix
+++ b/home/modules/runit/default.nix
@@ -70,7 +70,8 @@
             "runit/services/${serviceName}/log/run" = lib.mkIf sCfg.log.enable {
               text = ''
                 #!/bin/sh
-                exec svlogd -t ./main
+                mkdir -p main
+                exec svlogd -tt ./main
               '';
               executable = true;
             };

From 431847b59f29d51763b9bd88f9913e5a61a1a932 Mon Sep 17 00:00:00 2001
From: lightly-toasted <tooast@duck.com>
Date: Sun, 7 Dec 2025 20:15:55 +0900
Subject: [PATCH 2/4] =?UTF-8?q?feat(y2q):=20add=20stderr=20=E2=86=92?=
 =?UTF-8?q?=E2=80=86stdout=20redirection=20for=20runit=20services=20with?=
 =?UTF-8?q?=20logging?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 home/modules/runit/default.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/home/modules/runit/default.nix b/home/modules/runit/default.nix
index 85be181..478700f 100644
--- a/home/modules/runit/default.nix
+++ b/home/modules/runit/default.nix
@@ -52,6 +52,7 @@
             source .env
             set +a
           '' else "";
+          stderrToStdout = if sCfg.log.enable then "exec 2>&1" else "";
         in
         lib.mkMerge [
           {
@@ -59,6 +60,7 @@
             "runit/services/${serviceName}/run" = {
               text = ''
                 #!/usr/bin/env bash
+                ${stderrToStdout}
                 ${envExports}
                 ${envFileSetup}
                 ${sCfg.script}

From cee1c9bc5d55f6e017db7fd9e69c41dd87502728 Mon Sep 17 00:00:00 2001
From: lightly-toasted <tooast@duck.com>
Date: Mon, 8 Dec 2025 17:14:57 +0900
Subject: [PATCH 3/4] feat(y2q): add caddy

- Add a runit service for Caddy with a Caddyfile
- Update cloudflared runit service:
  - Add support for multiple subdomains using dynamic YAML generation
  - Each subdomain routes to Caddy running on localhost (port 8080)
---
 home/modules/runit/services/caddy.nix       | 32 +++++++++++++++++++++
 home/modules/runit/services/cloudflared.nix | 14 +++++----
 2 files changed, 41 insertions(+), 5 deletions(-)
 create mode 100644 home/modules/runit/services/caddy.nix

diff --git a/home/modules/runit/services/caddy.nix b/home/modules/runit/services/caddy.nix
new file mode 100644
index 0000000..0b1e1a1
--- /dev/null
+++ b/home/modules/runit/services/caddy.nix
@@ -0,0 +1,32 @@
+{ pkgs, config, ... }:
+
+{
+  home.file.".config/caddy/Caddyfile".text = ''
+    {
+      http_port 8080
+      https_port 8443
+      auto_https off
+    }
+
+    # Cloudflare Tunnel
+    http://gist.toast.name {
+      # Opengist
+      reverse_proxy http://localhost:${config.runit.services.opengist.environment.OG_HTTP_PORT}
+    }
+    
+    # Tailscale
+    http://y2q.ts.toast.name {
+      # Glances
+      reverse_proxy http://localhost:61208
+    }
+  '';
+
+  runit.services.caddy = {
+    script = ''
+      exec ${pkgs.caddy}/bin/caddy run \
+        --config "$HOME/.config/caddy/Caddyfile" \
+        --adapter caddyfile
+    '';
+    log.enable = true;
+  };
+}
diff --git a/home/modules/runit/services/cloudflared.nix b/home/modules/runit/services/cloudflared.nix
index a12f816..6e601bf 100644
--- a/home/modules/runit/services/cloudflared.nix
+++ b/home/modules/runit/services/cloudflared.nix
@@ -1,7 +1,10 @@
-{ pkgs, config, rootPath, ... }:
+{ pkgs, config, rootPath, lib, ... }:
 
 let
   tunnel = "cb0d9c2c-48f9-4bca-9e81-ef92423c5afa";
+  subdomains = [
+    "gist.toast.name"
+  ];
 in
 {
   home.file.".cloudflared/${tunnel}.json".source = rootPath + /secrets/gitcrypt/cloudflared/${tunnel}.json;
@@ -11,10 +14,11 @@ in
     credentials-file: ${config.home.homeDirectory}/.cloudflared/${tunnel}.json
 
     ingress:
-      - hostname: gist.toast.name
-        service: http://${config.runit.services.opengist.environment.OG_HTTP_HOST}:${config.runit.services.opengist.environment.OG_HTTP_PORT}
-
-      - service: http_status:404
+    ${lib.concatMapStringsSep "\n" (host: ''
+      ${"  "}- hostname: ${host}
+      ${"  "}  service: http://localhost:80
+    '') subdomains}
+    ${"  "}- service: http_status:404
   '';
 
   runit.services.cloudflared = {

From 10516f783a9857314b5a2fc2573d93a810512773 Mon Sep 17 00:00:00 2001
From: lightly-toasted <tooast@duck.com>
Date: Mon, 8 Dec 2025 17:52:17 +0900
Subject: [PATCH 4/4] feat(y2q): add restic rest-server

---
 .../runit/services/restic-rest-server.nix     | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 home/modules/runit/services/restic-rest-server.nix

diff --git a/home/modules/runit/services/restic-rest-server.nix b/home/modules/runit/services/restic-rest-server.nix
new file mode 100644
index 0000000..0369adf
--- /dev/null
+++ b/home/modules/runit/services/restic-rest-server.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }:
+
+{
+  runit.services.restic-rest-server = {
+    script = ''
+      DATA_DIR=$HOME/services/restic-rest-server
+      mkdir -p "$DATA_DIR"
+
+      exec ${pkgs.restic-rest-server}/bin/rest-server \
+        --listen "$LISTEN_ADDR" \
+        --log - \
+        --no-auth \
+        --path $DATA_DIR \
+        --prometheus --prometheus-no-auth
+    '';
+
+    environment = {
+      LISTEN_ADDR = "127.0.0.1:9000";
+    };
+  };
+}