From e15aa9ba44a1c0079de31013db91f63ef7fdb822 Mon Sep 17 00:00:00 2001 From: Toast Date: Sun, 3 Nov 2024 20:20:07 +0100 Subject: [PATCH 1/4] Server/syncthing: bind to localhost --- roles/server/syncthing.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/server/syncthing.nix b/roles/server/syncthing.nix index 74caa4b..7982b1f 100755 --- a/roles/server/syncthing.nix +++ b/roles/server/syncthing.nix @@ -3,7 +3,7 @@ enable = true; key = config.age.secrets.syncthingKey.path; cert = config.age.secrets.syncthingCert.path; - guiAddress = "0.0.0.0:8384"; + guiAddress = "127.0.0.1:8384"; settings.folders = { "passwords" = { path = "${config.services.syncthing.dataDir}/passwords"; @@ -53,7 +53,9 @@ hostName = "sync.everest.tailscale"; extraConfig = '' import tailscale - reverse_proxy localhost:8384 + reverse_proxy localhost:8384 { + header_up Host {upstream_hostport} + } ''; }; } From e531e6cb6884687e7e8f5012e809793815ad52d1 Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 5 Nov 2024 10:42:47 +0100 Subject: [PATCH 2/4] Services: add adguard --- roles/server/adguard.nix | 40 ++++++++++++++++++++++++++++++++++++++++ roles/server/default.nix | 1 + 2 files changed, 41 insertions(+) create mode 100644 roles/server/adguard.nix diff --git a/roles/server/adguard.nix b/roles/server/adguard.nix new file mode 100644 index 0000000..e1bf922 --- /dev/null +++ b/roles/server/adguard.nix @@ -0,0 +1,40 @@ +{lib, ...}: let + domain = "adguard.everest.tailscale"; + port = 3001; +in { + services = { + adguardhome = { + enable = true; + host = "127.0.0.1"; + port = port; + settings = { + dns = { + bind_hosts = [ + "192.168.0.160" + "100.100.0.1" + ]; + bootstrap_dns = ["9.9.9.9"]; + }; + }; + }; + + headscale.settings.dns_config = { + nameservers = lib.mkForce ["100.100.0.1"]; + extra_records = [ + { + name = domain; + type = "A"; + value = "100.100.0.1"; + } + ]; + }; + + caddy.virtualHosts.adguardhome = { + hostName = domain; + extraConfig = '' + import tailscale + reverse_proxy 127.0.0.1:${builtins.toString port} + ''; + }; + }; +} diff --git a/roles/server/default.nix b/roles/server/default.nix index bc1a6ea..3596f3a 100755 --- a/roles/server/default.nix +++ b/roles/server/default.nix @@ -15,5 +15,6 @@ ./caddy.nix ./rust_motd.nix ./minecraft.nix + ./adguard.nix ]; } From 3b5c8735be633544c9a1f1d22a5ade7c2274c0cd Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 5 Nov 2024 11:00:42 +0100 Subject: [PATCH 3/4] Services/rust_motd: add adguard status --- roles/server/adguard.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/server/adguard.nix b/roles/server/adguard.nix index e1bf922..ba9d995 100644 --- a/roles/server/adguard.nix +++ b/roles/server/adguard.nix @@ -37,4 +37,5 @@ in { ''; }; }; + programs.rust-motd.settings.service_status."AdGuard Home" = "adguardhome"; } From 32b291be200ad9ecc6e9e89fa04f149f5f44c7f7 Mon Sep 17 00:00:00 2001 From: Toast Date: Tue, 5 Nov 2024 11:08:45 +0100 Subject: [PATCH 4/4] Server/rust_motd: add headscale status --- roles/server/headscale.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/server/headscale.nix b/roles/server/headscale.nix index 4575327..8619dd3 100644 --- a/roles/server/headscale.nix +++ b/roles/server/headscale.nix @@ -21,4 +21,5 @@ ''; }; }; + programs.rust-motd.settings.service_status.Headscale = "headscale"; }