about summary refs log tree commit diff
path: root/nix/hosts/corrino/www
diff options
context:
space:
mode:
Diffstat (limited to 'nix/hosts/corrino/www')
-rw-r--r--nix/hosts/corrino/www/cs.emile.space.nix10
-rw-r--r--nix/hosts/corrino/www/ctf.emile.space.nix8
-rw-r--r--nix/hosts/corrino/www/events.emile.space.nix8
-rw-r--r--nix/hosts/corrino/www/git.emile.space.nix5
-rw-r--r--nix/hosts/corrino/www/grafana.emile.space.nix16
-rw-r--r--nix/hosts/corrino/www/hydra.emile.space.nix10
-rw-r--r--nix/hosts/corrino/www/jupyter.emile.space.nix14
-rw-r--r--nix/hosts/corrino/www/magic-hash.emile.space.nix8
-rw-r--r--nix/hosts/corrino/www/md.emile.space.nix9
-rw-r--r--nix/hosts/corrino/www/netbox.emile.space.nix8
-rw-r--r--nix/hosts/corrino/www/pgweb.emile.space.nix6
-rw-r--r--nix/hosts/corrino/www/photo.emile.space.nix8
-rw-r--r--nix/hosts/corrino/www/stream.emile.space.nix12
-rw-r--r--nix/hosts/corrino/www/talks.emile.space.nix5
-rw-r--r--nix/hosts/corrino/www/tickets.emile.space.nix8
15 files changed, 81 insertions, 54 deletions
diff --git a/nix/hosts/corrino/www/cs.emile.space.nix b/nix/hosts/corrino/www/cs.emile.space.nix
index de4d67e..b095162 100644
--- a/nix/hosts/corrino/www/cs.emile.space.nix
+++ b/nix/hosts/corrino/www/cs.emile.space.nix
@@ -3,16 +3,18 @@
 
 # adapted from https://cs.tvl.fyi/depot/-/blob/ops/modules/sourcegraph.nix
 
-{ ... }:
+{ config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."cs.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:3463";
+        proxyPass = "http://127.0.0.1:${toString ports.cs}";
 
         extraConfig = ''
           location = / {
@@ -37,7 +39,7 @@
     image = "sourcegraph/server:5.1.1";
 
     ports = [
-      "127.0.0.1:3463:7080"
+      "127.0.0.1:${toString ports.cs}:7080"
     ];
 
     volumes = [
diff --git a/nix/hosts/corrino/www/ctf.emile.space.nix b/nix/hosts/corrino/www/ctf.emile.space.nix
index c4de8c5..5c9d49a 100644
--- a/nix/hosts/corrino/www/ctf.emile.space.nix
+++ b/nix/hosts/corrino/www/ctf.emile.space.nix
@@ -1,13 +1,15 @@
 { ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."ctf.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:8338";
+        proxyPass = "http://127.0.0.1:${toString ports.ctf}";
       };
     };
   };
@@ -18,7 +20,7 @@
       "ctfd" = {
         image = "ctfd/ctfd";
         ports = [
-          "8338:8000"
+          "${toString ports.ctf}:8000"
         ];
       };
     };
diff --git a/nix/hosts/corrino/www/events.emile.space.nix b/nix/hosts/corrino/www/events.emile.space.nix
index bb4db38..d7f5d50 100644
--- a/nix/hosts/corrino/www/events.emile.space.nix
+++ b/nix/hosts/corrino/www/events.emile.space.nix
@@ -1,6 +1,8 @@
 { ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."events.emile.space" = {
     forceSSL = true;
     enableACME = true;
@@ -8,7 +10,7 @@
     locations = {
       "/" = {
         extraConfig = ''
-          proxy_pass http://[::1]:4000;
+          proxyPass = "http://[::1]:${toString ports.events}";
         '';
       };
     };
@@ -27,7 +29,7 @@
       settings.":mobilizon" = {
         "Mobilizon.Web.Endpoint" = {
           url.host = "events.emile.space";
-          http.port = 4000;
+          http.port = ports.events;
 
           # The IP address to listen on. Defaults to [::1] notated as a byte
           # tuple.
diff --git a/nix/hosts/corrino/www/git.emile.space.nix b/nix/hosts/corrino/www/git.emile.space.nix
index dceadb6..f05c83d 100644
--- a/nix/hosts/corrino/www/git.emile.space.nix
+++ b/nix/hosts/corrino/www/git.emile.space.nix
@@ -2,6 +2,7 @@
 
 let
   cfg = config.services.gitea;
+  ports = import ../ports.nix;
   authelia-location = ''
     set $upstream_authelia http://127.0.0.1:9091/api/authz/auth-request;
 
@@ -81,7 +82,8 @@ in {
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:3000";
+        # proxyPass = "http://127.0.0.1:3000";
+        proxyPass = "http://127.0.0.1:${toString config.services.gitea.settings.server.HTTP_PORT}";
 
         # TODO(emile): figure out why this doesn't work when enabled, has to do with authelia
         # extraConfig = authelia-authrequest;
@@ -131,6 +133,7 @@ in {
       server = {
         DOMAIN = pkgs.lib.mkForce "git.emile.space";
         ROOT_URL = pkgs.lib.mkForce "https://git.emile.space";
+        HTTP_PORT = ports.git;
 
         #START_SSH_SERVER = true;
         BUILTIN_SSH_SERVER_USER = "git";
diff --git a/nix/hosts/corrino/www/grafana.emile.space.nix b/nix/hosts/corrino/www/grafana.emile.space.nix
index 0f73147..d3e0e2f 100644
--- a/nix/hosts/corrino/www/grafana.emile.space.nix
+++ b/nix/hosts/corrino/www/grafana.emile.space.nix
@@ -1,6 +1,8 @@
 { config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services = {
     nginx.virtualHosts."grafana.emile.space" = {
       addSSL = true;
@@ -16,7 +18,7 @@
       settings = {
         server = {
           http_addr = "127.0.0.1";
-          http_port = 3002;
+          http_port = ports.grafana;
           domain = "grafana.emile.space";
           root_url = "https://grafana.emile.space/";
         };
@@ -47,13 +49,13 @@
     prometheus = {
       enable = true;
       retentionTime = "356d";
-      port = 9003;
+      port = ports.prometheus;
 
       exporters = {
         node = {
           enable = true;
           enabledCollectors = [ "systemd" ];
-          port = 9002;
+          port = ports.prometheus_node_exporter;
         };
       };
       scrapeConfigs = [
@@ -71,7 +73,7 @@
       configuration = {
         auth_enabled = false;
         server = {
-          http_listen_port = 9004;
+          http_listen_port = ports.loki;
         };
 
         limits_config = {
@@ -112,7 +114,7 @@
       enable = true;
       configuration = {
         server = {
-          http_listen_port = 9005;
+          http_listen_port = ports.promtail;
           grpc_listen_port = 0;
         };
         positions.filename = "/tmp/positions.yml";
@@ -214,4 +216,4 @@
       };
     };
   };
-}
\ No newline at end of file
+}
diff --git a/nix/hosts/corrino/www/hydra.emile.space.nix b/nix/hosts/corrino/www/hydra.emile.space.nix
index 2607ac0..1d1fa0a 100644
--- a/nix/hosts/corrino/www/hydra.emile.space.nix
+++ b/nix/hosts/corrino/www/hydra.emile.space.nix
@@ -1,13 +1,15 @@
- { ... }:
+{ config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."hydra.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:3001";
+        proxyPass = "http://127.0.0.1:${toString config.services.hydra.port}";
       };
     };
   };
@@ -22,7 +24,7 @@
     enable = true;
 
     listenHost = "*";
-    port = 3001;
+    port = ports.hydra;
     hydraURL = "https://hydra.emile.space"; # externally visible URL
 
     # Directory that holds Hydra garbage collector roots.
diff --git a/nix/hosts/corrino/www/jupyter.emile.space.nix b/nix/hosts/corrino/www/jupyter.emile.space.nix
index d1d951c..18e56a0 100644
--- a/nix/hosts/corrino/www/jupyter.emile.space.nix
+++ b/nix/hosts/corrino/www/jupyter.emile.space.nix
@@ -1,22 +1,24 @@
-{ pkgs, lib, config, ... }:
+{ pkgs, config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."jupyter.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:8004";
+        proxyPass = "http://127.0.0.1:${toString config.services.jupyter.port}";
       };
     };
   };
 
-  services.jupyter = rec {
+  services.jupyter = {
     enable = true;
 
     ip = "127.0.0.1";
-    port = 8004;
+    port = ports.jupyter;
 
     # ; python3
     # >>> from notebook.auth import passwd
@@ -57,4 +59,4 @@
 
   users.users.jupyter.group = "jupyter";
   users.groups.jupyter = {};
-}
\ No newline at end of file
+}
diff --git a/nix/hosts/corrino/www/magic-hash.emile.space.nix b/nix/hosts/corrino/www/magic-hash.emile.space.nix
index 05446ea..4f57d12 100644
--- a/nix/hosts/corrino/www/magic-hash.emile.space.nix
+++ b/nix/hosts/corrino/www/magic-hash.emile.space.nix
@@ -1,13 +1,15 @@
 { config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."magic-hash.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:8339";
+        proxyPass = "http://127.0.0.1:${toString ports.magic-hash}";
       };
     };
   };
@@ -18,7 +20,7 @@
       "ctfd" = {
         image = "magic-hash";
         ports = [
-          "8338:80"
+          "${toString ports.magic-hash}:80"
         ];
         environment = {
 
diff --git a/nix/hosts/corrino/www/md.emile.space.nix b/nix/hosts/corrino/www/md.emile.space.nix
index 8d9d109..29ddc67 100644
--- a/nix/hosts/corrino/www/md.emile.space.nix
+++ b/nix/hosts/corrino/www/md.emile.space.nix
@@ -1,6 +1,8 @@
 { config, pkgs, ... }:
 
-{
+let
+	ports = import ../ports.nix;
+in {
 	services.nginx.virtualHosts."md.emile.space" = {
 		forceSSL = true;
 		enableACME = true;
@@ -10,7 +12,8 @@
 
 		locations = {
 			"/" = {
-				proxyPass = "http://127.0.0.1:3003";
+				# proxyPass = "http://127.0.0.1:3003";
+        proxyPass = "http://127.0.0.1:${toString config.services.hedgedoc.settings.port}";
 
 				# TODO(emile): figure out why this doesn't work when enabled, has to do with authelia
 				# extraConfig = authelia-authrequest;
@@ -58,7 +61,7 @@
 
 		settings = {
 			host = "127.0.0.1";
-			port = 3003;
+			port = ports.md;
 
 			domain = "md.emile.space";
 
diff --git a/nix/hosts/corrino/www/netbox.emile.space.nix b/nix/hosts/corrino/www/netbox.emile.space.nix
index a86209c..3f07bf5 100644
--- a/nix/hosts/corrino/www/netbox.emile.space.nix
+++ b/nix/hosts/corrino/www/netbox.emile.space.nix
@@ -1,13 +1,15 @@
 { config, pkgs, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."netbox.emile.space" = {
     forceSSL = true;
     enableACME = true;
     kTLS = true;
 
     locations."/" = {
-      proxyPass = "http://[::1]:8001";
+      proxyPass = "http://[::1]:${toString config.services.netbox.port}";
       proxyWebsockets = true;
     };
     locations."/static/".root = "${config.services.netbox.dataDir}";
@@ -25,7 +27,7 @@
     enableLdap = false;
     settings = {};
     secretKeyFile = config.age.secrets.netbox_secret.path;
-    port = 8001;
+    port = ports.netbox;
     listenAddress = "[::1]";
   };
 
diff --git a/nix/hosts/corrino/www/pgweb.emile.space.nix b/nix/hosts/corrino/www/pgweb.emile.space.nix
index 522a6bf..1ce8063 100644
--- a/nix/hosts/corrino/www/pgweb.emile.space.nix
+++ b/nix/hosts/corrino/www/pgweb.emile.space.nix
@@ -1,13 +1,15 @@
 { pkgs, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."pgweb.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:5432";
+        proxyPass = "http://127.0.0.1:${toString ports.pgweb}";
       };
     };
   };
diff --git a/nix/hosts/corrino/www/photo.emile.space.nix b/nix/hosts/corrino/www/photo.emile.space.nix
index 7f2e9ca..6ebf94d 100644
--- a/nix/hosts/corrino/www/photo.emile.space.nix
+++ b/nix/hosts/corrino/www/photo.emile.space.nix
@@ -1,13 +1,15 @@
 { config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."photo.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:2342";
+        proxyPass = "http://127.0.0.1:${toString config.services.photoprism.port}";
         proxyWebsockets = true;
       };
     };
@@ -17,7 +19,7 @@
     enable = true;
 
     address = "127.0.0.1";
-    port = 2342;
+    port = ports.photo;
 
     passwordFile = config.age.secrets.photoprism_password.path;
 
diff --git a/nix/hosts/corrino/www/stream.emile.space.nix b/nix/hosts/corrino/www/stream.emile.space.nix
index 7340d4f..21ee627 100644
--- a/nix/hosts/corrino/www/stream.emile.space.nix
+++ b/nix/hosts/corrino/www/stream.emile.space.nix
@@ -1,13 +1,15 @@
-{ ... }:
+{ config, ... }:
 
-{
+let
+  ports = import ../ports.nix;
+in {
   services.nginx.virtualHosts."stream.emile.space" = {
     forceSSL = true;
     enableACME = true;
 
     locations = {
       "/" = {
-        proxyPass = "http://127.0.0.1:8080";
+        proxyPass = "http://127.0.0.1:${toString config.services.owncast.port}";
         proxyWebsockets = true;
       };
     };
@@ -18,7 +20,7 @@
     openFirewall = true;
     listen = "0.0.0.0";
     dataDir = "/var/lib/owncast";
-    rtmp-port = 1935;
-    port = 8080; # web interface
+    rtmp-port = ports.stream_rtmp;
+    port = ports.stream; # web interface
   };
 }
diff --git a/nix/hosts/corrino/www/talks.emile.space.nix b/nix/hosts/corrino/www/talks.emile.space.nix
index 4833fa7..80c264e 100644
--- a/nix/hosts/corrino/www/talks.emile.space.nix
+++ b/nix/hosts/corrino/www/talks.emile.space.nix
@@ -1,6 +1,7 @@
 { config, pkgs, ... }:
 
 let
+  ports = import ../ports.nix;
   pretalx_config = pkgs.writeText "/etc/pretalx.cfg" ''
     [filesystem]
     media = /public/media
@@ -42,7 +43,7 @@ in {
     locations = {
       "/" = {
         extraConfig = ''
-          proxy_pass http://127.0.0.1:8350;
+          proxy_pass http://127.0.0.1:${toString ports.talks};
 
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header Host $host;
@@ -61,7 +62,7 @@ in {
     pretalx = {
       image = "pretalx/standalone:latest";
       ports = [
-        "127.0.0.1:8350:80"
+        "127.0.0.1:${toString ports.talks}:80"
       ];
       volumes = [
         "/var/pretalx-data:/data" # {static, media}
diff --git a/nix/hosts/corrino/www/tickets.emile.space.nix b/nix/hosts/corrino/www/tickets.emile.space.nix
index f479263..f7d7b94 100644
--- a/nix/hosts/corrino/www/tickets.emile.space.nix
+++ b/nix/hosts/corrino/www/tickets.emile.space.nix
@@ -6,8 +6,7 @@
 # times... sorry
 
 let
-  # pretix_config = config.age.secrets.pretix.path;
-
+  ports = import ../ports.nix;
   pretix_config = pkgs.writeText "pretix.cfg" ''
     [pretix]
     instance_name=tickets.emile.space
@@ -57,7 +56,7 @@ in {
     locations = {
       "/" = {
         extraConfig = ''
-          proxy_pass http://127.0.0.1:8349;
+          proxy_pass http://127.0.0.1:${toString ports.tickets};
 
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header Host $host;
@@ -70,7 +69,7 @@ in {
     pretix = {
       image = "pretix/standalone:stable";
       ports = [
-        "127.0.0.1:8349:80"
+        "127.0.0.1:${toString ports.tickets}:80"
       ];
       volumes = [
         "/var/pretix-data:/data"
@@ -116,5 +115,4 @@ in {
   # services.redis.settings.unixsocketperm = "770";
 
   # trace: warning: The option `services.redis.settings' defined in `/nix/store/ib5271hcbjqrxb0yrmrjcypvpacmnp2s-source/ops/modules/www/tickets.emile.space.nix' has been renamed to `services.redis.servers."".settings'.
-
 }