From 302f0ceec92ce8896484bb60987a4da058aca5bc Mon Sep 17 00:00:00 2001 From: Hadi <112569860+anotherhadi@users.noreply.github.com> Date: Mon, 6 Apr 2026 15:13:10 +0200 Subject: [PATCH] Add variables for domain & tunnel id Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com> --- hosts/server/variables.nix | 3 +++ server-modules/adguardhome.nix | 2 +- server-modules/arr.nix | 16 +++++++------- server-modules/awesome-wallpapers.nix | 3 ++- server-modules/blog.nix | 11 +++++----- server-modules/cloudflared.nix | 4 ++-- server-modules/cyberchef.nix | 8 +++++-- server-modules/default-creds.nix | 2 +- server-modules/eleakxir.nix | 2 +- server-modules/gitea.nix | 6 +++--- server-modules/glance/default.nix | 2 +- server-modules/glance/home.nix | 8 +++---- server-modules/glance/server.nix | 30 +++++++++++++-------------- server-modules/mazanoke.nix | 8 +++++-- server-modules/mealie.nix | 2 +- server-modules/ssh.nix | 2 +- server-modules/stirling-pdf.nix | 2 +- server-modules/umami.nix | 4 ++-- 18 files changed, 64 insertions(+), 51 deletions(-) diff --git a/hosts/server/variables.nix b/hosts/server/variables.nix index ff1e904..6f3c983 100644 --- a/hosts/server/variables.nix +++ b/hosts/server/variables.nix @@ -30,6 +30,9 @@ autoUpgrade = false; autoGarbageCollector = true; + + domain = "hadi.icu"; + tunnelId = "a1dfa315-7fc3-4a65-8c02-8387932c35c3"; }; # Let this here diff --git a/server-modules/adguardhome.nix b/server-modules/adguardhome.nix index d5703c1..55f7145 100644 --- a/server-modules/adguardhome.nix +++ b/server-modules/adguardhome.nix @@ -11,5 +11,5 @@ allowedUDPPorts = [53]; }; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."adguard.hadi.icu" = "http://localhost:${toString config.services.adguardhome.port}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."adguard.${config.var.domain}" = "http://localhost:${toString config.services.adguardhome.port}"; } diff --git a/server-modules/arr.nix b/server-modules/arr.nix index d49a5fd..070fb70 100644 --- a/server-modules/arr.nix +++ b/server-modules/arr.nix @@ -51,13 +51,13 @@ in { users.users.jellyfin.extraGroups = ["video" "render"]; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress = { - "media.hadi.icu" = "http://localhost:8096"; - "demandemedia.hadi.icu" = "http://localhost:5055"; - "bazarr.hadi.icu" = "http://localhost:6767"; - "prowlarr.hadi.icu" = "http://localhost:9696"; - "radarr.hadi.icu" = "http://localhost:7878"; - "sonarr.hadi.icu" = "http://localhost:8989"; - "transmission.hadi.icu" = "http://localhost:9091"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress = { + "media.${config.var.domain}" = "http://localhost:8096"; + "demandemedia.${config.var.domain}" = "http://localhost:5055"; + "bazarr.${config.var.domain}" = "http://localhost:6767"; + "prowlarr.${config.var.domain}" = "http://localhost:9696"; + "radarr.${config.var.domain}" = "http://localhost:7878"; + "sonarr.${config.var.domain}" = "http://localhost:8989"; + "transmission.${config.var.domain}" = "http://localhost:9091"; }; } diff --git a/server-modules/awesome-wallpapers.nix b/server-modules/awesome-wallpapers.nix index cb84da7..3761518 100644 --- a/server-modules/awesome-wallpapers.nix +++ b/server-modules/awesome-wallpapers.nix @@ -1,4 +1,5 @@ { + config, inputs, pkgs, ... @@ -20,6 +21,6 @@ absolute_redirect off; ''; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."wallpapers.hadi.icu" = "http://127.0.0.1:8759"; + cloudflared.tunnels."${config.var.tunnelId}".ingress."wallpapers.${config.var.domain}" = "http://127.0.0.1:8759"; }; } diff --git a/server-modules/blog.nix b/server-modules/blog.nix index aebda98..f72b5e7 100644 --- a/server-modules/blog.nix +++ b/server-modules/blog.nix @@ -1,4 +1,5 @@ { + config, inputs, pkgs, ... @@ -19,7 +20,7 @@ extraConfig = '' port_in_redirect off; absolute_redirect off; - add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' data: https://umami.hadi.icu; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://git.hadi.icu; connect-src 'self' https://umami.hadi.icu;" always; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' data: https://umami.${config.var.domain}; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://git.${config.var.domain}; connect-src 'self' https://umami.${config.var.domain};" always; ''; }; @@ -31,14 +32,14 @@ } ]; extraConfig = '' - return 301 https://hadi.icu$request_uri; + return 301 https://${config.var.domain}$request_uri; ''; }; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress = { - "hadi.icu" = "http://127.0.0.1:8758"; - "www.hadi.icu" = "http://127.0.0.1:8189"; + cloudflared.tunnels."${config.var.tunnelId}".ingress = { + "${config.var.domain}" = "http://127.0.0.1:8758"; + "www.${config.var.domain}" = "http://127.0.0.1:8189"; }; }; } diff --git a/server-modules/cloudflared.nix b/server-modules/cloudflared.nix index 8aa7947..4bccfdb 100644 --- a/server-modules/cloudflared.nix +++ b/server-modules/cloudflared.nix @@ -14,7 +14,7 @@ # This will create a credentials file & give you the tunnel ID to use below. services.cloudflared = { enable = true; - tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3" = { + tunnels."${config.var.tunnelId}" = { credentialsFile = config.sops.secrets."cloudflared-token".path; default = "http_status:404"; }; @@ -24,7 +24,7 @@ cloudflared ]; - systemd.services."cloudflared-tunnel-a1dfa315-7fc3-4a65-8c02-8387932c35c3" = { + systemd.services."cloudflared-tunnel-${config.var.tunnelId}" = { wantedBy = ["multi-user.target"]; after = ["network-online.target"]; wants = ["network-online.target"]; diff --git a/server-modules/cyberchef.nix b/server-modules/cyberchef.nix index b71c371..a474e75 100644 --- a/server-modules/cyberchef.nix +++ b/server-modules/cyberchef.nix @@ -1,5 +1,9 @@ # Cyberchef is a web app for analyzing and decoding data. -{pkgs, ...}: { +{ + config, + pkgs, + ... +}: { services = { nginx.virtualHosts."cyberchef.local" = { root = "${pkgs.cyberchef}/share/cyberchef"; @@ -10,6 +14,6 @@ } ]; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."cyberchef.hadi.icu" = "http://localhost:8754"; + cloudflared.tunnels."${config.var.tunnelId}".ingress."cyberchef.${config.var.domain}" = "http://localhost:8754"; }; } diff --git a/server-modules/default-creds.nix b/server-modules/default-creds.nix index 1708f98..1b84acf 100644 --- a/server-modules/default-creds.nix +++ b/server-modules/default-creds.nix @@ -4,5 +4,5 @@ port = 8087; }; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."default-creds.hadi.icu" = "http://localhost:${toString config.services.default-creds.port}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."default-creds.${config.var.domain}" = "http://localhost:${toString config.services.default-creds.port}"; } diff --git a/server-modules/eleakxir.nix b/server-modules/eleakxir.nix index 7f28886..01d4a8d 100644 --- a/server-modules/eleakxir.nix +++ b/server-modules/eleakxir.nix @@ -22,5 +22,5 @@ inputs.eleakxir.packages.${pkgs.stdenv.hostPlatform.system}.leak-utils ]; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."eleakxir-back.hadi.icu" = "http://localhost:${toString config.services.eleakxir.port}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."eleakxir-back.${config.var.domain}" = "http://localhost:${toString config.services.eleakxir.port}"; } diff --git a/server-modules/gitea.nix b/server-modules/gitea.nix index 0443371..1c2f934 100644 --- a/server-modules/gitea.nix +++ b/server-modules/gitea.nix @@ -31,8 +31,8 @@ in { server = { HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3002; - ROOT_URL = "https://git.hadi.icu/"; - DOMAIN = "git.hadi.icu"; + ROOT_URL = "https://git.${config.var.domain}/"; + DOMAIN = "git.${config.var.domain}"; LANDING_PAGE = "/anotherhadi"; }; service = { @@ -58,7 +58,7 @@ in { }; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."git.hadi.icu" = "http://localhost:3002"; + cloudflared.tunnels."${config.var.tunnelId}".ingress."git.${config.var.domain}" = "http://localhost:3002"; }; systemd.services.gitea.preStart = lib.mkAfter '' diff --git a/server-modules/glance/default.nix b/server-modules/glance/default.nix index 9a9144c..e48894f 100644 --- a/server-modules/glance/default.nix +++ b/server-modules/glance/default.nix @@ -14,7 +14,7 @@ server.port = 5678; }; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."home.hadi.icu" = "http://localhost:8755"; + cloudflared.tunnels."${config.var.tunnelId}".ingress."home.${config.var.domain}" = "http://localhost:8755"; nginx.virtualHosts."glance.local" = { listen = [ diff --git a/server-modules/glance/home.nix b/server-modules/glance/home.nix index 3c77d94..469cb46 100644 --- a/server-modules/glance/home.nix +++ b/server-modules/glance/home.nix @@ -97,11 +97,11 @@ } { title = "Mazanoke (image downgrading)"; - url = "https://mazanoke.hadi.icu"; + url = "https://mazanoke.${config.var.domain}"; } { title = "Stirling PDF"; - url = "https://pdf.hadi.icu"; + url = "https://pdf.${config.var.domain}"; } { title = "Vert (file converter)"; @@ -200,11 +200,11 @@ links = [ { title = "Nix 4 Cyber"; - url = "https://n4c.hadi.icu"; + url = "https://n4c.${config.var.domain}"; } { title = "Cyberchef"; - url = "https://cyberchef.hadi.icu"; + url = "https://cyberchef.${config.var.domain}"; } { title = "TryHackMe"; diff --git a/server-modules/glance/server.nix b/server-modules/glance/server.nix index 06d977a..5df1e5a 100644 --- a/server-modules/glance/server.nix +++ b/server-modules/glance/server.nix @@ -26,42 +26,42 @@ sites = [ { title = "Adguard"; - url = "https://adguard.hadi.icu"; + url = "https://adguard.${config.var.domain}"; icon = "si:adguard"; } { title = "Mealie"; - url = "https://mealie.hadi.icu"; + url = "https://mealie.${config.var.domain}"; icon = "si:mealie"; } { title = "Linkding"; - url = "https://linkding.hadi.icu"; + url = "https://linkding.${config.var.domain}"; icon = "sh:linkding"; } { title = "Mazanoke"; - url = "https://mazanoke.hadi.icu"; + url = "https://mazanoke.${config.var.domain}"; icon = "sh:mazanoke"; } { title = "Stirling PDF"; - url = "https://pdf.hadi.icu"; + url = "https://pdf.${config.var.domain}"; icon = "sh:stirling-pdf"; } { title = "Default-creds"; - url = "https://default-creds.hadi.icu"; + url = "https://default-creds.${config.var.domain}"; icon = "si:passbolt"; } { title = "Blog"; - url = "https://hadi.icu"; + url = "https://${config.var.domain}"; icon = "si:blogger"; } { title = "Cyberchef"; - url = "https://cyberchef.hadi.icu"; + url = "https://cyberchef.${config.var.domain}"; icon = "si:codechef"; } ]; @@ -73,37 +73,37 @@ sites = [ { title = "Jellyfin"; - url = "https://media.hadi.icu"; + url = "https://media.${config.var.domain}"; icon = "si:jellyfin"; } { title = "Jellyseerr"; - url = "https://demandemedia.hadi.icu"; + url = "https://demandemedia.${config.var.domain}"; icon = "si:odysee"; } { title = "Radarr"; - url = "https://radarr.hadi.icu"; + url = "https://radarr.${config.var.domain}"; icon = "si:radarr"; } { title = "Sonarr"; - url = "https://sonarr.hadi.icu"; + url = "https://sonarr.${config.var.domain}"; icon = "si:sonarr"; } { title = "Bazarr"; - url = "https://bazarr.hadi.icu"; + url = "https://bazarr.${config.var.domain}"; icon = "si:subtitleedit"; } { title = "Prowlarr"; - url = "https://prowlarr.hadi.icu"; + url = "https://prowlarr.${config.var.domain}"; icon = "si:podcastindex"; } { title = "Transmission"; - url = "https://transmission.hadi.icu"; + url = "https://transmission.${config.var.domain}"; icon = "si:transmission"; } ]; diff --git a/server-modules/mazanoke.nix b/server-modules/mazanoke.nix index 4aff26b..5b21a2d 100644 --- a/server-modules/mazanoke.nix +++ b/server-modules/mazanoke.nix @@ -1,5 +1,9 @@ # Mazanoke is a self-hosted image downgrader -{pkgs, ...}: let +{ + config, + pkgs, + ... +}: let version = "1.1.5"; mazanoke-pkg = pkgs.stdenv.mkDerivation { inherit version; @@ -30,6 +34,6 @@ in { } ]; }; - cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."mazanoke.hadi.icu" = "http://localhost:8755"; + cloudflared.tunnels."${config.var.tunnelId}".ingress."mazanoke.${config.var.domain}" = "http://localhost:8755"; }; } diff --git a/server-modules/mealie.nix b/server-modules/mealie.nix index a398430..b42976d 100644 --- a/server-modules/mealie.nix +++ b/server-modules/mealie.nix @@ -5,5 +5,5 @@ port = 8092; }; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."mealie.hadi.icu" = "http://localhost:${toString config.services.mealie.port}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."mealie.${config.var.domain}" = "http://localhost:${toString config.services.mealie.port}"; } diff --git a/server-modules/ssh.nix b/server-modules/ssh.nix index 361305b..73a4dfc 100644 --- a/server-modules/ssh.nix +++ b/server-modules/ssh.nix @@ -18,5 +18,5 @@ in { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPG9SE80ZyBcXZK/f5ypSKudaM5Jo3XtQikCnGo0jI5E hadi@nixy" ]; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."ssh.hadi.icu" = "ssh://localhost:22"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."ssh.${config.var.domain}" = "ssh://localhost:22"; } diff --git a/server-modules/stirling-pdf.nix b/server-modules/stirling-pdf.nix index 458854b..80cab4d 100644 --- a/server-modules/stirling-pdf.nix +++ b/server-modules/stirling-pdf.nix @@ -5,5 +5,5 @@ environment."SERVER_PORT" = "8083"; }; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."pdf.hadi.icu" = "http://localhost:${toString config.services.stirling-pdf.environment.SERVER_PORT}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."pdf.${config.var.domain}" = "http://localhost:${toString config.services.stirling-pdf.environment.SERVER_PORT}"; } diff --git a/server-modules/umami.nix b/server-modules/umami.nix index f282041..e28b198 100644 --- a/server-modules/umami.nix +++ b/server-modules/umami.nix @@ -13,9 +13,9 @@ DISABLE_BOT_CHECK = true; }; }; - services.cloudflared.tunnels."a1dfa315-7fc3-4a65-8c02-8387932c35c3".ingress."umami.hadi.icu" = "http://localhost:${toString config.services.umami.settings.PORT}"; + services.cloudflared.tunnels."${config.var.tunnelId}".ingress."umami.${config.var.domain}" = "http://localhost:${toString config.services.umami.settings.PORT}"; systemd.services.default-creds.environment = { - PUBLIC_UMAMI_URL = "https://umami.hadi.icu"; + PUBLIC_UMAMI_URL = "https://umami.${config.var.domain}"; # FIXME: PUBLIC_UMAMI_WEBSITE_ID = "7197484c-01ad-488e-9caa-5ab7b7595f08"; UMAMI_URL = "http://localhost:8097";