diff --git a/roles/server/adguard.nix b/roles/server/adguard.nix new file mode 100644 index 0000000..ba9d995 --- /dev/null +++ b/roles/server/adguard.nix @@ -0,0 +1,41 @@ +{lib, ...}: let + domain = "adguard.everest.tailscale"; + port = 3001; +in { + services = { + adguardhome = { + enable = true; + host = "127.0.0.1"; + port = port; + settings = { + dns = { + bind_hosts = [ + "192.168.0.160" + "100.100.0.1" + ]; + bootstrap_dns = ["9.9.9.9"]; + }; + }; + }; + + headscale.settings.dns_config = { + nameservers = lib.mkForce ["100.100.0.1"]; + extra_records = [ + { + name = domain; + type = "A"; + value = "100.100.0.1"; + } + ]; + }; + + caddy.virtualHosts.adguardhome = { + hostName = domain; + extraConfig = '' + import tailscale + reverse_proxy 127.0.0.1:${builtins.toString port} + ''; + }; + }; + programs.rust-motd.settings.service_status."AdGuard Home" = "adguardhome"; +} diff --git a/roles/server/default.nix b/roles/server/default.nix index bc1a6ea..3596f3a 100755 --- a/roles/server/default.nix +++ b/roles/server/default.nix @@ -15,5 +15,6 @@ ./caddy.nix ./rust_motd.nix ./minecraft.nix + ./adguard.nix ]; } diff --git a/roles/server/headscale.nix b/roles/server/headscale.nix index 4575327..8619dd3 100644 --- a/roles/server/headscale.nix +++ b/roles/server/headscale.nix @@ -21,4 +21,5 @@ ''; }; }; + programs.rust-motd.settings.service_status.Headscale = "headscale"; } diff --git a/roles/server/syncthing.nix b/roles/server/syncthing.nix index 74caa4b..7982b1f 100755 --- a/roles/server/syncthing.nix +++ b/roles/server/syncthing.nix @@ -3,7 +3,7 @@ enable = true; key = config.age.secrets.syncthingKey.path; cert = config.age.secrets.syncthingCert.path; - guiAddress = "0.0.0.0:8384"; + guiAddress = "127.0.0.1:8384"; settings.folders = { "passwords" = { path = "${config.services.syncthing.dataDir}/passwords"; @@ -53,7 +53,9 @@ hostName = "sync.everest.tailscale"; extraConfig = '' import tailscale - reverse_proxy localhost:8384 + reverse_proxy localhost:8384 { + header_up Host {upstream_hostport} + } ''; }; }