From 1a84aa229061c74661efc6d50955c0ab7dd41ba3 Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Sun, 10 Dec 2023 18:12:27 +0100
Subject: [PATCH] Server: move services to subdomains

---
 roles/server/gitea.nix        | 16 ++++++----------
 roles/server/syncthing.nix    | 14 +++++---------
 roles/server/transmission.nix |  9 ++++++---
 3 files changed, 17 insertions(+), 22 deletions(-)

diff --git a/roles/server/gitea.nix b/roles/server/gitea.nix
index 6cbac30..662da91 100644
--- a/roles/server/gitea.nix
+++ b/roles/server/gitea.nix
@@ -9,31 +9,27 @@
 			server = {
 				#server.SSH_PORT = 69;
 				DISABLE_REGISTRATION = lib.mkDefault true;
-				ROOT_URL = "http://everest/gitea/";
+				ROOT_URL = "http://git.everest.sable-pancake.ts.net";
 			};
 		};
 	};
+
+	# Add a cname for gitea
+	services.dnsmasq.settings.cname = [ "git.everest.sable-pancake.ts.net,everest" ];
+
 	# Set up traefik as the reverse proxy for Gitea
 	services.traefik = {
 		dynamicConfigOptions = {
 			http = {
 				routers = {
-					/*
-					Gitea works best as a subdomain, but I do not have a dns server (yet),
-					and since tailscale doesn't support adding subdomains with MagicDNS I'll
-					just put it in a subpath for now
-					*/
 					gitea-subpath = {
-						middlewares = [ "gitea-strip-prefix" ];
-						rule = "PathPrefix(`/gitea`)";
+						rule = "Host(`git.everest.sable-pancake.ts.net`)";
 						service = "gitea";
 					};
 				};
 				services.gitea.loadBalancer.servers = [
 					{ url = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}"; }
 				];
-				# Gitea freaks out if you don't remove the subpath it's being proxied from
-				middlewares.gitea-strip-prefix.stripprefix.prefixes = "/gitea";
 			};
 		};
 	};
diff --git a/roles/server/syncthing.nix b/roles/server/syncthing.nix
index 489324d..c533cf4 100755
--- a/roles/server/syncthing.nix
+++ b/roles/server/syncthing.nix
@@ -34,26 +34,22 @@
 		AmbientCapabilities = "CAP_CHOWN CAP_FOWNER";
 	};
 
+	# Add a cname for syncthing
+	services.dnsmasq.settings.cname = [ "sync.everest.sable-pancake.ts.net,everest" ];
+
 	# Set up traefik as the reverse proxy for syncthing
 	services.traefik = {
 		dynamicConfigOptions = {
 			http = {
 				routers = {
-					syncthing-subpath = {
-						middlewares = [ "syncthing-add-trailing-slash" "syncthing-strip-prefix" ];
-						rule = "PathPrefix(`/syncthing`)";
+					syncthing-subdomain = {
+						rule = "Host(`sync.everest.sable-pancake.ts.net`)";
 						service = "syncthing";
 					};
 				};
 				services.syncthing.loadBalancer.servers = [
 					{ url = "http://localhost:8384"; }
 				];
-				middlewares.syncthing-strip-prefix.stripprefix.prefixes = "/syncthing";
-				middlewares.syncthing-add-trailing-slash.redirectRegex = {
-					# Going to everest/syncthing without a slash at the end breaks things
-					regex = "http:\/\/everest\/syncthing+$";
-					replacement = "http://everest/syncthing/";
-				};
 			};
 		};
 	};
diff --git a/roles/server/transmission.nix b/roles/server/transmission.nix
index 767981e..ed17095 100755
--- a/roles/server/transmission.nix
+++ b/roles/server/transmission.nix
@@ -7,18 +7,21 @@
 		settings = {
 			incomplete-dir-enabled = false;
 			rpc-bind-address = "0.0.0.0";
-			rpc-host-whitelist = "everest";
+			rpc-host-whitelist = "transmission.everest.sable-pancake.ts.net";
 			rpc-whitelist = "127.0.0.1";
 		};
 	};
 
+	# Add a cname for transmission
+	services.dnsmasq.settings.cname = [ "transmission.everest.sable-pancake.ts.net,everest" ];
+
 	# Set up traefik as the reverse proxy for transmission
 	services.traefik = {
 		dynamicConfigOptions = {
 			http = {
 				routers = {
-					transmission-subpath = {
-						rule = "PathPrefix(`/transmission`)";
+					transmission-subdomain = {
+						rule = "Host(`transmission.everest.sable-pancake.ts.net`)";
 						service = "transmission";
 					};
 				};