containers: clean up domain names

Cilly Leang 2026-03-17 17:01:15 +11:00
parent 2f79c9d6ec
commit cc8e7058b3
Signed by: cilly
GPG key ID: 6500251E087653C9
6 changed files with 17 additions and 13 deletions


@ -9,6 +9,7 @@
nixosModule = { ... }: nixosModule = { ... }:
let let
name = "amethyst"; name = "amethyst";
fqdn = "amethyst.lava.moe";
subnet = "1"; subnet = "1";
in { in {
networking.nat = { networking.nat = {
@ -17,7 +18,7 @@
internalInterfaces = [ "ve-${name}" ]; internalInterfaces = [ "ve-${name}" ];
}; };
services.nginx.virtualHosts."${name}.local.lava.moe" = { services.nginx.virtualHosts."${fqdn}" = {
useACMEHost = "lava.moe"; useACMEHost = "lava.moe";
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://[fd0d:1::${subnet}:2]:9091"; locations."/".proxyPass = "http://[fd0d:1::${subnet}:2]:9091";
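Review bot: The virtual host key changes from `${name}.local.lava.moe` to `amethyst.lava.moe`, so this is a hostname move rather than a pure rename, and the commit title does not say so. If names under `local.lava.moe` resolved only on the internal network, the service proxied on port 9091 is now published under a name in the main zone, and nothing visible in this hunk restricts who may connect; the same applies to the `diamond` virtual host and the Vaultwarden `domain`, which move from `diamond.local.lava.moe` to `astransia.lava.moe`. It is also worth confirming that the `lava.moe` ACME certificate covers the new names. I would record the intent next to the binding, e.g. `fqdn = "amethyst.lava.moe"; # was amethyst.local.lava.moe; TODO confirm who may reach this vhost`. The virtualHosts block continues past the end of the hunk.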


@ -9,6 +9,7 @@
nixosModule = { ... }: nixosModule = { ... }:
let let
name = "beryllium"; name = "beryllium";
fqdn = "beryllium.lava.moe";
subnet = "2"; subnet = "2";
in { in {
networking.nat = { networking.nat = {
@ -17,7 +18,7 @@
internalInterfaces = [ "ve-${name}" ]; internalInterfaces = [ "ve-${name}" ];
}; };
services.nginx.virtualHosts."${name}.lava.moe" = { services.nginx.virtualHosts."${fqdn}" = {
useACMEHost = "lava.moe"; useACMEHost = "lava.moe";
forceSSL = true; forceSSL = true;
locations."/".extraConfig = "return 302 'https://lava.moe';"; locations."/".extraConfig = "return 302 'https://lava.moe';";
@ -29,7 +30,7 @@
services.nginx.virtualHosts."lava.moe" = { services.nginx.virtualHosts."lava.moe" = {
locations."= /.well-known/matrix/server".extraConfig = locations."= /.well-known/matrix/server".extraConfig =
let let
server = { "m.server" = "beryllium.lava.moe:443"; }; server = { "m.server" = "${fqdn}:443"; };
in '' in ''
add_header Content-Type application/json; add_header Content-Type application/json;
return 200 '${builtins.toJSON server}'; return 200 '${builtins.toJSON server}';
@ -37,7 +38,7 @@
locations."= /.well-known/matrix/client".extraConfig = locations."= /.well-known/matrix/client".extraConfig =
let let
client = { client = {
"m.homeserver" = { "base_url" = "https://beryllium.lava.moe"; }; "m.homeserver" = { "base_url" = "https://${fqdn}"; };
# "m.identity_server" = { "base_url" = "https://vector.im"; }; # "m.identity_server" = { "base_url" = "https://vector.im"; };
}; };
in '' in ''
@ -51,8 +52,6 @@
containers.${name} = { containers.${name} = {
autoStart = true; autoStart = true;
privateNetwork = true; privateNetwork = true;
hostAddress = "10.30.${subnet}.1";
localAddress = "10.30.${subnet}.2";
hostAddress6 = "fd0d:1::${subnet}:1"; hostAddress6 = "fd0d:1::${subnet}:1";
localAddress6 = "fd0d:1::${subnet}:2"; localAddress6 = "fd0d:1::${subnet}:2";
# privateUsers = "pick"; # privateUsers = "pick";
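Review bot: Removing `hostAddress`/`localAddress` in the last hunk leaves the container with only its `fd0d:1::${subnet}` ULA addresses, which is a networking change beyond the domain-name cleanup the title describes. A ULA prefix is not globally routable, so outbound traffic from the container (Matrix federation, judging by the `.well-known/matrix` locations) depends on IPv6 NAT or an equivalent route on the host, and the `networking.nat` settings are outside the visible hunks. Please confirm that `networking.nat.enableIPv6 = true;` or similar is in place and that nothing else still refers to `10.30.${subnet}.x`. A comment such as `# IPv6-only: outbound relies on networking.nat.enableIPv6` above `hostAddress6` would document the dependency.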


@ -1,4 +1,4 @@
{ config, lib, ... }: { { config, fqdn, lib, ... }: {
system.stateVersion = "25.11"; system.stateVersion = "25.11";
networking.firewall.allowedTCPPorts = [ 22 3000 ]; networking.firewall.allowedTCPPorts = [ 22 3000 ];
networking.firewall.allowedUDPPorts = [ 22 3000 ]; networking.firewall.allowedUDPPorts = [ 22 3000 ];
@ -13,8 +13,8 @@
settings = { settings = {
DEFAULT.APP_NAME = "Garden"; DEFAULT.APP_NAME = "Garden";
server = { server = {
DOMAIN = "garden.lava.moe"; DOMAIN = fqdn;
ROOT_URL = "https://garden.lava.moe/"; ROOT_URL = "https://${fqdn}/";
HTTP_PORT = 3000; HTTP_PORT = 3000;
START_SSH_SERVER = true; START_SSH_SERVER = true;
BUILTIN_SSH_SERVER_USER = "git"; BUILTIN_SSH_SERVER_USER = "git";
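Review bot: `fqdn` in the new argument list `{ config, fqdn, lib, ... }` is not a standard module argument; it is only available when the container definition passes `specialArgs = { inherit fqdn; }`, so evaluating this module in any other context fails on the missing argument. A comment at the top would make the dependency explicit, e.g. `# fqdn is injected through containers.<name>.specialArgs in the flake`. The Vaultwarden module's `{ fqdn, ... }` has the same dependency. The `settings` block continues outside the hunk.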


@ -6,6 +6,7 @@
outputs = { nixpkgs, catppuccin, ... }: outputs = { nixpkgs, catppuccin, ... }:
let let
name = "citrine"; name = "citrine";
fqdn = "garden.lava.moe";
subnetId = "3"; subnetId = "3";
subnet = x: "fd0d:1::${subnetId}:${toString x}"; subnet = x: "fd0d:1::${subnetId}:${toString x}";
@ -35,7 +36,7 @@
internalInterfaces = [ "ve-${name}" ]; internalInterfaces = [ "ve-${name}" ];
}; };
services.nginx.virtualHosts."garden.lava.moe" = { services.nginx.virtualHosts."${fqdn}" = {
useACMEHost = "lava.moe"; useACMEHost = "lava.moe";
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://[${client}]:3000"; locations."/".proxyPass = "http://[${client}]:3000";
@ -53,6 +54,7 @@
nixpkgs = nixpkgs; nixpkgs = nixpkgs;
ephemeral = true; ephemeral = true;
config = { imports = modules; }; config = { imports = modules; };
specialArgs = { inherit fqdn; };
bindMounts."persist" = { bindMounts."persist" = {
hostPath = "/persist/containers/${name}"; hostPath = "/persist/containers/${name}";


@ -1,4 +1,4 @@
{ config, lib, ... }: { { fqdn, ... }: {
system.stateVersion = "25.11"; system.stateVersion = "25.11";
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /persist/vaultwarden 755 vaultwarden vaultwarden" "d /persist/vaultwarden 755 vaultwarden vaultwarden"
@ -13,6 +13,6 @@
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
domain = "diamond.local.lava.moe"; domain = fqdn;
}; };
} }
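Review bot: `domain = fqdn` changes the Vaultwarden domain from `diamond.local.lava.moe` to whatever the container passes in, which appears to be `astransia.lava.moe` if this module is the one the `diamond` flake imports, and that affects more than routing. WebAuthn/passkey second factors are bound to the domain they were registered under, so existing registrations will probably stop validating after the move, and clients configured with the old server URL have to be repointed. This deserves a line in the commit description, and a fallback second factor or recovery code should be available to users before it is deployed.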


@ -5,6 +5,7 @@
outputs = { nixpkgs, ... }: outputs = { nixpkgs, ... }:
let let
name = "diamond"; name = "diamond";
fqdn = "astransia.lava.moe";
subnetId = "4"; subnetId = "4";
subnet = x: "fd0d:1::${subnetId}:${toString x}"; subnet = x: "fd0d:1::${subnetId}:${toString x}";
@ -19,7 +20,7 @@
inherit modules; inherit modules;
}; };
nixosModule = { ... }: { nixosModule = { ... }: {
services.nginx.virtualHosts."diamond.local.lava.moe" = { services.nginx.virtualHosts."${fqdn}" = {
useACMEHost = "lava.moe"; useACMEHost = "lava.moe";
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://[${client}]:8000"; locations."/".proxyPass = "http://[${client}]:8000";
@ -35,6 +36,7 @@
nixpkgs = nixpkgs; nixpkgs = nixpkgs;
ephemeral = true; ephemeral = true;
config = { imports = modules; }; config = { imports = modules; };
specialArgs = { inherit fqdn; };
bindMounts."persist" = { bindMounts."persist" = {
hostPath = "/persist/containers/${name}"; hostPath = "/persist/containers/${name}";