Make ashers site work

2025-06-11 23:39:50 +02:00 · 2025-06-11 23:39:50 +02:00 · 27bc5c0d2f
commit 27bc5c0d2f
parent 30a471535a
5 changed files with 88 additions and 72 deletions
--- a/hosts/portainer.nix
+++ b/hosts/portainer.nix
@ -13,6 +13,12 @@ rec {
      target = "http://${ip}:80";
      priority = 1;
    }
+    {
+      name = "${hostname}-asher-portfolio";
+      rule = "Host(`asherdejong.nl`)";
+      target = "http://${ip}:80";
+      priority = 1;
+    }
    {
      name = "${hostname}-transmission";
      rule = "Host(`transmission.kallestruik.nl`) && ClientIP(`192.168.10.0/24`)";
--- a/roles/forgejo.nix
+++ b/roles/forgejo.nix
@ -1,3 +1,7 @@
+let
+  appDataInCeph = "/appdata/forgejo";
+  appDir = "/cephfs${appDataInCeph}";
+in
 {
  name = "Forgejo";
  description = ''
@ -21,6 +25,8 @@
      }
    ];

+  cephBackupPaths = [ appDataInCeph ];
+
  nixosModule =
    {
      pkgs,
@ -77,7 +83,7 @@
                    echo "No arguments supplied"
                    exit 1
                fi
-                sudo -u forgejo -- ${lib.getExe pkgs.forgejo} --config /cephfs/appdata/forgejo/custom/conf/app.ini $@
+                sudo -u forgejo -- ${lib.getExe pkgs.forgejo} --config ${appDir}/custom/conf/app.ini $@
              '';
            in
            [
@ -92,7 +98,7 @@
          services.forgejo = {
            enable = true;
            package = pkgs.forgejo;
-            stateDir = "/cephfs/appdata/forgejo";
+            stateDir = appDir;
            lfs.enable = true;

            database = {
--- a/roles/freshrss.nix
+++ b/roles/freshrss.nix
@ -1,3 +1,8 @@
+let
+  appDataInCeph = "/appdata/freshrss";
+  appDir = "/cephfs${appDataInCeph}";
+  dataDir = "${appDir}/data";
+in
 {
  name = "FreshRSS";
  description = ''
@ -21,6 +26,8 @@
      }
    ];

+  cephBackupPaths = [ appDataInCeph ];
+
  nixosModule =
    {
      lib,
@ -34,17 +41,9 @@
        domain = lib.mkOption {
          type = lib.types.str;
        };
-        adminUser = lib.mkOption {
-          type = lib.types.str;
-        };
      };

-      config =
-        let
-          appDir = "/cephfs/appdata/freshrss";
-          dataDir = "${appDir}/data";
-        in
-        {
+      config = {
        networking.firewall.allowedTCPPorts = [
          1342 # Freshrss
        ];
--- a/roles/traefik.nix
+++ b/roles/traefik.nix
@ -115,6 +115,9 @@
                    dnsChallenge = {
                      provider = "cloudflare";
                    };
+                    httpChallenge = {
+                      entryPoint = "web";
+                    };
                  };
                };
              };
@ -130,6 +133,7 @@
                      service = route.name;
                      rule = route.rule;
                      priority = route.priority or "0";
+                      tls.certresolver = "letsencrypt";
                    };
                  }) routes
                );
--- a/utils.nix
+++ b/utils.nix
@ -49,6 +49,7 @@
  mkRole = cfg: {
    inherit (cfg) name description nixosModule;
    traefikRoutes = cfg.traefikRoutes or ({ ... }: [ ]);
+    cephBackupPaths = cfg.cephBackupPaths or [ ];
  };

  mkHost = cfg: {