From 21a058f5eaecfd1958ad5c6a1a186ee2a48c9f2d Mon Sep 17 00:00:00 2001 From: Yuri Tatishchev Date: Wed, 25 Jun 2025 00:28:09 -0700 Subject: [PATCH] router: refactor caddy config to use wildcard cert --- modules/router/services.nix | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/modules/router/services.nix b/modules/router/services.nix index 6713e17..4bebba1 100644 --- a/modules/router/services.nix +++ b/modules/router/services.nix @@ -60,25 +60,29 @@ in plugins = [ "github.com/caddy-dns/cloudflare@v0.2.1" ]; hash = "sha256-2D7dnG50CwtCho+U+iHmSj2w14zllQXPjmTHr6lJZ/A="; }; - virtualHosts."grouter.${domain}".extraConfig = '' + virtualHosts."*.${domain}".extraConfig = '' encode tls { dns cloudflare {env.CF_API_KEY} resolvers 1.1.1.1 } - @grafana path /grafana /grafana/* - handle @grafana { - reverse_proxy localhost:${toString config.services.grafana.settings.server.http_port} - } - redir /adghome /adghome/ - handle_path /adghome/* { - reverse_proxy localhost:${toString config.services.adguardhome.port} - basic_auth { - Bob $2a$14$HsWmmzQTN68K3vwiRAfiUuqIjKoXEXaj9TOLUtG2mO1vFpdovmyBy + + @grouter host grouter.${domain} + handle @grouter { + @grafana path /grafana /grafana/* + handle @grafana { + reverse_proxy localhost:${toString config.services.grafana.settings.server.http_port} + } + redir /adghome /adghome/ + handle_path /adghome/* { + reverse_proxy localhost:${toString config.services.adguardhome.port} + basic_auth { + Bob $2a$14$HsWmmzQTN68K3vwiRAfiUuqIjKoXEXaj9TOLUtG2mO1vFpdovmyBy + } + } + handle /* { + reverse_proxy localhost:${toString config.services.glance.settings.server.port} } - } - handle /* { - reverse_proxy localhost:${toString config.services.glance.settings.server.port} } ''; };