From 06f2940147b8c85f98692fc4eb80d1093262e6a7 Mon Sep 17 00:00:00 2001 From: Drew Haven Date: Wed, 12 Mar 2025 13:40:44 -0700 Subject: [PATCH] [mcp] Moves Gitea to blazestar, adds more support for multiple domains --- system/hosts/mcp/containers.nix | 53 +++++++++++++++++---------------- 1 file changed, 28 insertions(+), 25 deletions(-) diff --git a/system/hosts/mcp/containers.nix b/system/hosts/mcp/containers.nix index eada224..c88add0 100644 --- a/system/hosts/mcp/containers.nix +++ b/system/hosts/mcp/containers.nix @@ -59,11 +59,14 @@ virtualisation.oci-containers.backend = "podman"; virtualisation.oci-containers.containers = let - domain = "havenisms.com"; - hostRule = host: "Host(`${host}.${domain}`)"; + havenisms = "havenisms.com"; + blazestar = "blazestar.net"; + hostRule = host: domain: "Host(`${host}.${domain}`)"; + hostRuleHavenisms = host: hostRule host havenisms; localNet = "192.168.0.0/16"; localNetRule = "ClientIP(`${localNet}`)"; - localHostRule = host: "${localNetRule} && ${hostRule host}"; + localHostRule = host: domain: "${localNetRule} && ${hostRule host domain}"; + localHostRuleHavenisms = host: localHostRule host havenisms; in { traefik = { @@ -73,12 +76,12 @@ extraOptions = [ # Proxying Traefik itself "-l=traefik.enable=true" - "-l=traefik.http.routers.traefik.rule=${localHostRule "proxy"}" + "-l=traefik.http.routers.traefik.rule=${localHostRuleHavenisms "proxy"}" "-l=traefik.http.services.traefik.loadbalancer.server.port=8080" "-l=homepage.group=Infra" "-l=homepage.name=Traefik" "-l=homepage.icon=traefik.svg" - "-l=homepage.href=https://proxy.${domain}" + "-l=homepage.href=https://proxy.${havenisms}" "-l=homepage.description=Reverse proxy" "-l=homepage.widget.type=traefik" "-l=homepage.widget.url=http://traefik:8080" @@ -100,12 +103,12 @@ extraOptions = [ "--device=/dev/dri:/dev/dri" "-l=traefik.enable=true" - "-l=traefik.http.routers.jellyfin.rule=${hostRule "jellyfin"}" + "-l=traefik.http.routers.jellyfin.rule=${hostRuleHavenisms "jellyfin"}" "-l=traefik.http.services.jellyfin.loadbalancer.server.port=8096" "-l=homepage.group=Apps" "-l=homepage.name=Jellyfin" "-l=homepage.icon=jellyfin.svg" - "-l=homepage.href=https://jellyfin.${domain}" + "-l=homepage.href=https://jellyfin.${havenisms}" "-l=homepage.description=Media player" "-l=homepage.widget.type=jellyfin" "-l=homepage.widget.key={{HOMEPAGE_FILE_JELLYFIN_KEY}}" @@ -134,7 +137,7 @@ "-l=homepage.group=Arr" "-l=homepage.name=Deluge" "-l=homepage.icon=deluge.svg" - "-l=homepage.href=https://deluge.${domain}" + "-l=homepage.href=https://deluge.${havenisms}" "-l=homepage.description=Torrent client" "-l=homepage.widget.type=deluge" "-l=homepage.widget.password={{HOMEPAGE_FILE_DELUGE_PASSWORD}}" @@ -156,10 +159,10 @@ "-l=homepage.group=Arr" "-l=homepage.name=qBitTorrent" "-l=homepage.icon=qbittorrent.svg" - "-l=homepage.href=https://torrents.${domain}" + "-l=homepage.href=https://torrents.${havenisms}" "-l=homepage.description=Torrent client" "-l=homepage.widget.type=qbittorrent" - "-l=homepage.widget.url=http://torrents.${domain}" + "-l=homepage.widget.url=http://torrents.${havenisms}" ]; volumes = [ "/tank/media/Downloads:/downloads" @@ -179,13 +182,13 @@ "--cap-add=NET_ADMIN" "--device=/dev/net/tun:/dev/net/tun" "-l=traefik.enable=true" - "-l=traefik.http.routers.torrents.rule=${localHostRule "torrents"}" + "-l=traefik.http.routers.torrents.rule=${localHostRuleHavenisms "torrents"}" "-l=traefik.http.routers.torrents.service=torrents" "-l=traefik.http.services.torrents.loadbalancer.server.port=8080" "-l=homepage.group=Infra" "-l=homepage.name=GlueTun" "-l=homepage.icon=gluetun.svg" - "-l=homepage.href=https://torrents.${domain}" + "-l=homepage.href=https://torrents.${havenisms}" "-l=homepage.description=VPN killswitch" "-l=homepage.widget.type=gluetun" "-l=homepage.widget.url=http://gluetun:8000" @@ -206,12 +209,12 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.prowlarr.rule=${localHostRule "prowlarr"}" + "-l=traefik.http.routers.prowlarr.rule=${localHostRuleHavenisms "prowlarr"}" "-l=traefik.http.services.prowlarr.loadbalancer.server.port=9696" "-l=homepage.group=Arr" "-l=homepage.name=Prowlarr" "-l=homepage.icon=prowlarr.svg" - "-l=homepage.href=https://prowlarr.${domain}" + "-l=homepage.href=https://prowlarr.${havenisms}" "-l=homepage.description=Torrent indexer" ]; volumes = [ @@ -244,12 +247,12 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.radarr.rule=${localHostRule "radarr"}" + "-l=traefik.http.routers.radarr.rule=${localHostRuleHavenisms "radarr"}" "-l=traefik.http.services.radarr.loadbalancer.server.port=7878" "-l=homepage.group=Arr" "-l=homepage.name=Radarr" "-l=homepage.icon=radarr.svg" - "-l=homepage.href=https://radarr.${domain}" + "-l=homepage.href=https://radarr.${havenisms}" "-l=homepage.description=Movie acquisition" "-l=homepage.widget.type=radarr" "-l=homepage.widget.url=http://radarr:7878" @@ -268,12 +271,12 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.sonarr.rule=${localHostRule "sonarr"}" + "-l=traefik.http.routers.sonarr.rule=${localHostRuleHavenisms "sonarr"}" "-l=traefik.http.services.sonarr.loadbalancer.server.port=8989" "-l=homepage.group=Arr" "-l=homepage.name=Sonarr" "-l=homepage.icon=sonarr.svg" - "-l=homepage.href=https://sonarr.${domain}" + "-l=homepage.href=https://sonarr.${havenisms}" "-l=homepage.description=Show acquisition" "-l=homepage.widget.type=sonarr" "-l=homepage.widget.url=http://sonarr:8989" @@ -293,12 +296,12 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.readarr.rule=${localHostRule "readarr"}" + "-l=traefik.http.routers.readarr.rule=${localHostRuleHavenisms "readarr"}" "-l=traefik.http.services.readarr.loadbalancer.server.port=8787" "-l=homepage.group=Arr" "-l=homepage.name=Readarr" "-l=homepage.icon=readarr.svg" - "-l=homepage.href=https://readarr.${domain}" + "-l=homepage.href=https://readarr.${havenisms}" "-l=homepage.description=E-book acquisition" "-l=homepage.widget.type=readarr" "-l=homepage.widget.url=http://readarr.havenisms.com:8787" @@ -317,7 +320,7 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.homepage.rule=${localHostRule "start"}" + "-l=traefik.http.routers.homepage.rule=${localHostRuleHavenisms "start"}" "-l=traefik.http.services.homepage.loadbalancer.server.port=3000" ]; volumes = [ @@ -341,12 +344,12 @@ autoStart = true; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.scrutiny.rule=${localHostRule "scrutiny"}" + "-l=traefik.http.routers.scrutiny.rule=${localHostRuleHavenisms "scrutiny"}" "-l=traefik.http.services.scrutiny.loadbalancer.server.port=8080" "-l=homepage.group=Infra" "-l=homepage.name=Scrutiny" "-l=homepage.icon=scrutiny-light.png" - "-l=homepage.href=https://scrutiny.${domain}" + "-l=homepage.href=https://scrutiny.${havenisms}" "-l=homepage.description=S.M.A.R.T. monitoring" "-l=homepage.widget.type=scrutiny" "-l=homepage.widget.url=http://scrutiny:8080" @@ -377,12 +380,12 @@ ]; extraOptions = [ "-l=traefik.enable=true" - "-l=traefik.http.routers.gitea.rule=${localHostRule "git"}" + "-l=traefik.http.routers.gitea.rule=${hostRule "git" blazestar}" "-l=traefik.http.services.gitea.loadbalancer.server.port=3000" "-l=homepage.group=Apps" "-l=homepage.name=Gitea" "-l=homepage.icon=gitea.png" - "-l=homepage.href=https://git.${domain}" + "-l=homepage.href=https://git.${blazestar}" "-l=homepage.description=Git Server" ]; ports = [