2024-06-13 13:52:45 +07:00
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
cfg = config.profile.services.caddy;
|
2024-09-04 20:17:37 +07:00
|
|
|
inherit (lib) mkIf attrsets strings lists;
|
2024-06-13 13:52:45 +07:00
|
|
|
in
|
|
|
|
{
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
services.caddy = {
|
|
|
|
enable = true;
|
|
|
|
};
|
2024-06-13 20:52:45 +07:00
|
|
|
|
2024-09-10 12:09:50 +07:00
|
|
|
services.caddy.globalConfig = /*caddy*/ ''
|
|
|
|
servers {
|
|
|
|
metrics
|
|
|
|
}
|
|
|
|
'';
|
|
|
|
|
2024-09-16 08:34:40 +07:00
|
|
|
services.caddy.virtualHosts =
|
2024-09-04 20:17:37 +07:00
|
|
|
let
|
|
|
|
domains = attrsets.mapAttrsToList (name: _: strings.removePrefix "https://" name) config.services.caddy.virtualHosts;
|
|
|
|
sortedDomains = lists.sort (a: b: a < b) domains;
|
2024-09-07 09:55:12 +07:00
|
|
|
list = map
|
|
|
|
(domain: /*html*/ ''
|
2024-09-07 10:01:28 +07:00
|
|
|
<div class="col-12 col-sm-6 col-md-4 col-lg-3 text-center align-middle">
|
2024-09-07 09:55:12 +07:00
|
|
|
<a href="https://${domain}">${domain}</a>
|
|
|
|
</div>'')
|
|
|
|
sortedDomains;
|
2024-09-04 20:17:37 +07:00
|
|
|
items = strings.concatStringsSep "\n" list;
|
2024-09-07 09:55:12 +07:00
|
|
|
html = /*html*/
|
|
|
|
''<!DOCTYPE html>
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<title>Hosted Sites</title>
|
|
|
|
<link
|
|
|
|
rel="stylesheet"
|
|
|
|
href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css"
|
|
|
|
integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH"
|
|
|
|
crossorigin="anonymous">
|
|
|
|
</head>
|
|
|
|
<body class="container">
|
|
|
|
<h1 class="text-center">Hosted Sites</h1>
|
|
|
|
<div class="row g-4">
|
|
|
|
${items}
|
|
|
|
</div>
|
|
|
|
</body>
|
|
|
|
</html>'';
|
2024-09-04 20:17:37 +07:00
|
|
|
in
|
2024-09-16 08:34:40 +07:00
|
|
|
{
|
|
|
|
"router.tigor.web.id".extraConfig = ''
|
|
|
|
@denied not remote_ip private_ranges
|
|
|
|
|
|
|
|
respond @denied "Access denied" 403
|
|
|
|
|
|
|
|
reverse_proxy 192.168.100.1
|
|
|
|
'';
|
|
|
|
"tigor.web.id".extraConfig =
|
|
|
|
''
|
|
|
|
header Content-Type text/html
|
|
|
|
respond <<EOF
|
|
|
|
${html}
|
|
|
|
EOF 200
|
|
|
|
'';
|
|
|
|
"crowfx.web.id".extraConfig =
|
|
|
|
''
|
|
|
|
header Content-Type text/html
|
|
|
|
respond <<EOF
|
|
|
|
${html}
|
|
|
|
EOF 200
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2024-09-16 10:32:43 +07:00
|
|
|
environment.etc."alloy/config.alloy".text =
|
|
|
|
/*hcl*/ ''
|
|
|
|
local.file_match "caddy_access_log" {
|
|
|
|
path_targets = [
|
|
|
|
{
|
|
|
|
"__path__" = "/var/log/caddy/*.log",
|
|
|
|
},
|
|
|
|
]
|
2024-09-16 10:36:05 +07:00
|
|
|
sync_period = "30s"
|
2024-09-16 10:32:43 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
loki.source.file "caddy_access_log" {
|
|
|
|
targets = local.file_match.caddy_access_log.targets
|
|
|
|
forward_to = [loki.process.caddy_access_log.receiver]
|
|
|
|
}
|
|
|
|
|
|
|
|
loki.process "caddy_access_log" {
|
|
|
|
forward_to = [loki.write.default.receiver]
|
|
|
|
|
|
|
|
stage.json {
|
|
|
|
expressions = {
|
|
|
|
level = "",
|
|
|
|
host = "request.host",
|
|
|
|
method = "request.method",
|
|
|
|
proto = "request.proto",
|
2024-09-16 10:46:23 +07:00
|
|
|
ts = "",
|
2024-09-16 10:32:43 +07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
stage.labels {
|
|
|
|
values = {
|
|
|
|
level = "",
|
|
|
|
host = "",
|
|
|
|
method = "",
|
|
|
|
proto = "",
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
stage.label_drop {
|
|
|
|
values = ["service_name"]
|
|
|
|
}
|
|
|
|
|
|
|
|
stage.static_labels {
|
|
|
|
values = {
|
|
|
|
job = "caddy_access_log",
|
|
|
|
}
|
|
|
|
}
|
2024-09-16 10:46:23 +07:00
|
|
|
|
|
|
|
stage.timestamp {
|
|
|
|
source = "ts"
|
|
|
|
format = "unix"
|
|
|
|
}
|
2024-09-16 10:32:43 +07:00
|
|
|
}
|
|
|
|
'';
|
2024-06-13 13:52:45 +07:00
|
|
|
};
|
|
|
|
}
|