caddy config
parent
abab414120
commit
20fbdd8881
3 changed files with 91 additions and 5 deletions
|
@ -4,7 +4,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
./users
|
./users
|
||||||
./services
|
./services
|
||||||
./homelab
|
|
||||||
./vps
|
./vps
|
||||||
inputs.home-manager.nixosModules.home-manager
|
inputs.home-manager.nixosModules.home-manager
|
||||||
];
|
];
|
||||||
|
|
|
@ -33,24 +33,80 @@
|
||||||
|
|
||||||
services.caddy = {
|
services.caddy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
logDir = "/var/log/caddy";
|
||||||
|
|
||||||
|
# Configure log format using mkForce to make sure it takes effect
|
||||||
|
logFormat = lib.mkForce ''
|
||||||
|
level INFO
|
||||||
|
output file /var/log/caddy/access.log {
|
||||||
|
roll_size 50mb
|
||||||
|
roll_keep 5
|
||||||
|
roll_keep_for 720h
|
||||||
|
}
|
||||||
|
format json
|
||||||
|
'';
|
||||||
|
|
||||||
|
# Reverse proxy configuration for each domain
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
fs.nmd.mov {
|
fs.nmd.mov {
|
||||||
reverse_proxy localhost:5000
|
reverse_proxy localhost:5000
|
||||||
|
log
|
||||||
}
|
}
|
||||||
|
|
||||||
vpn.nmd.mov {
|
vpn.nmd.mov {
|
||||||
reverse_proxy localhost:51821
|
reverse_proxy localhost:51821
|
||||||
|
log
|
||||||
}
|
}
|
||||||
|
|
||||||
s.nmd.mov {
|
s.nmd.mov {
|
||||||
reverse_proxy localhost:8384
|
reverse_proxy localhost:8384
|
||||||
|
log
|
||||||
}
|
}
|
||||||
|
|
||||||
drop.nmd.mov {
|
drop.nmd.mov {
|
||||||
reverse_proxy localhost:3000
|
reverse_proxy localhost:3000
|
||||||
}
|
log
|
||||||
|
}
|
||||||
|
|
||||||
dot.nmd.mov {
|
dot.nmd.mov {
|
||||||
reverse_proxy localhost:4400
|
reverse_proxy localhost:19999
|
||||||
|
log
|
||||||
|
|
||||||
|
basic_auth /* {
|
||||||
|
nomad $2a$12$toBh5sfXyxigtHGNY4t8tO7YYQp6i3aZk/O0qd19lgk0LRz5eqDVi
|
||||||
|
}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
services.netdata = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.netdata.override {
|
||||||
|
withCloudUi = true;
|
||||||
|
};
|
||||||
|
extraPluginPaths = [ "/etc/netdata/custom-plugins.d" ];
|
||||||
|
configDir = {
|
||||||
|
# Add the custom plugin script to the Netdata configuration directory
|
||||||
|
"plugins.d/caddy_visitors.sh" = pkgs.writeText "caddy_visitors.sh" ''
|
||||||
|
#!/bin/env/sh
|
||||||
|
|
||||||
|
# Path to the Caddy JSON access log file
|
||||||
|
log_file="/var/log/caddy/access.log"
|
||||||
|
|
||||||
|
# Extract unique visitor IPs from JSON log file
|
||||||
|
unique_visitors=$(jq -r "select(.request.remote_ip != null) | .request.remote_ip" "$log_file" | sort | uniq | wc -l)
|
||||||
|
|
||||||
|
# Define the chart
|
||||||
|
echo CHART caddy_visitors.unique_ips "Unique Visitors from Caddy Logs" "IPs" "Caddy Logs" caddy_visitors line $((netdata_update_every * 10)) 1
|
||||||
|
echo DIMENSION unique_visitors "" absolute 1 1
|
||||||
|
|
||||||
|
# Output the result in a format that Netdata understands
|
||||||
|
echo BEGIN caddy_visitors.unique_ips
|
||||||
|
echo SET unique_visitors = $unique_visitors
|
||||||
|
echo END
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
networking.useDHCP = lib.mkForce false;
|
networking.useDHCP = lib.mkForce false;
|
||||||
|
@ -107,10 +163,11 @@
|
||||||
zsh
|
zsh
|
||||||
arion
|
arion
|
||||||
sops
|
sops
|
||||||
|
jq
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
networking.firewall.enable = false;
|
networking.firewall.enable = true;
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
22
|
22
|
||||||
80
|
80
|
||||||
|
@ -127,6 +184,12 @@
|
||||||
21027
|
21027
|
||||||
51820
|
51820
|
||||||
];
|
];
|
||||||
|
networking.firewall.extraCommands = ''
|
||||||
|
# Allow access to port 19999 from localhost
|
||||||
|
iptables -A INPUT -p tcp -s 127.0.0.1 --dport 19999 -j ACCEPT
|
||||||
|
# Block all other access to port 19999
|
||||||
|
iptables -A INPUT -p tcp --dport 19999 -j DROP
|
||||||
|
'';
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
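Review bot: The `basic_auth /*` block added under dot.nmd.mov embeds the bcrypt hash for user `nomad` directly in `extraConfig`, so it is recorded in the repository history and, on NixOS, typically ends up in the generated Caddyfile in the world-readable Nix store, where anyone with read access can run offline guesses against it. This section also points that site at the Netdata dashboard on port 19999, so that one credential is what stands between the public hostname and host metrics. I would keep the value out of the tree by using a Caddyfile environment placeholder, e.g. `nomad {$DOT_BASIC_AUTH_HASH}` (placeholder name), and supplying it to the Caddy service from a sops-managed secret; sops is already in the package list further down. If this repository is or becomes readable by others, the committed hash should be considered disclosed and the password rotated.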
@ -1 +1,25 @@
|
||||||
nix store diff-closures $(ls -d /nix/var/nix/profiles/*|tail -2)
|
output=$(nix store diff-closures $(ls -d /nix/var/nix/profiles/* | tail -2) | sed -r "s/\x1B\[[0-9;]*[mK]//g")
|
||||||
|
|
||||||
|
# Replace newline characters with spaces for a more horizontal notification
|
||||||
|
formatted_output=$(echo "$output" | awk '
|
||||||
|
{
|
||||||
|
# Extract package name, version, and size from the input line
|
||||||
|
if (match($0, /^([^:]+):.*→ ([^,]+), \+([0-9.]+) KiB/, arr)) {
|
||||||
|
package = arr[1]
|
||||||
|
full_version = arr[2]
|
||||||
|
size_kib = arr[3]
|
||||||
|
|
||||||
|
# Extract only the first and second numbers of the version
|
||||||
|
split(full_version, version_parts, ".")
|
||||||
|
version = version_parts[1] "." version_parts[2]
|
||||||
|
|
||||||
|
# Convert KiB to MiB and round to the nearest whole number if needed
|
||||||
|
size_mib = size_kib / 1024
|
||||||
|
size_mib_rounded = (size_mib >= 1) ? sprintf("%.0f", size_mib) "M" : size_kib "KiB"
|
||||||
|
|
||||||
|
# Create the formatted output line with special characters to make it stand out
|
||||||
|
printf "🔹 %s: %s +%s\n", package, version, size_mib_rounded
|
||||||
|
}
|
||||||
|
}')
|
||||||
|
dunstify -u low -h string:x-dunst-stack-tag:diff -a "💫 Updated Packages" "$formatted_output"
|
||||||
|
|
||||||
|
|
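Review bot: The awk pattern in the new `formatted_output` step only matches lines containing `, +N KiB`, so any `nix store diff-closures` line that reports a shrink, a removal or no size figure is silently dropped, and an update made up only of such lines yields a notification with an empty body. For a change summary it is safer to show unmatched lines unformatted than to hide them, for example with a fallback branch after the `if` block: `else if (NF) print $0`. The comment `# Replace newline characters with spaces for a more horizontal notification` no longer describes what the awk program does and could read `# Condense each diff-closures line to "name: major.minor +size"`. The three-argument `match()` is a gawk extension, so the script presumably relies on `awk` resolving to gawk; a one-line comment saying so would help.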