DNS updates, point Cloudflared to HAProxy

2024-06-07 14:51:00 +01:00 · 2024-06-07 14:51:00 +01:00 · b80e094d20
parent 8b710ab863
commit b80e094d20
6 changed files with 54 additions and 16 deletions
--- a/dns/dns.nix
+++ b/dns/dns.nix
@ -3,6 +3,21 @@
  zones = {
    "gmem.ca" =
      {
+        "_minecraft._tcp.mc" = {
+          srv.data = [
+            {
+              port = 25565;
+              priority = 10;
+              weight = 5;
+              target = "mc-real.gmem.ca";
+            }
+          ];
+        };
+        "mc".cname = {
+          ttl = 0;
+          data = "e9195a3e-6f24-4cdb-be6d-237199d9a258.cfargotunnel.com";
+        };
+
        "grafana" = {
          a.data = ["91.107.206.145"];
          aaaa.data = ["2a01:4f8:c012:5ec6::"];
@ -89,6 +104,9 @@
          a.data = ["100.116.48.47"];
          aaaa.data = ["fd7a:115c:a1e0:ab12:4843:cd96:6274:302f"];
        };
+        "plex" = {
+          cname.data = "vancouver.gmem.ca";
+        };

        "" = {
          aaaa.data = ["100::"];
@ -147,6 +165,7 @@
        "ntfy"
        "metube"
        "search"
+        "red"
      ] (name: {cname.data = "cluster.gmem.ca";})
      // lib.attrsets.genAttrs [
        # Externally hosted applications with Tunnels
@ -161,6 +180,8 @@
        "tokyo"
        "ci"
        "paste"
+        "e6"
+        "minecraft-invites"
      ] (name: {
        cname = {
          ttl = 0;
--- a/dns/nextdns.nix
+++ b/dns/nextdns.nix
@ -10,6 +10,8 @@
      "tokyo"
      "nitter"
      "paste"
+      "e6"
+      "minecraft-invites"
    ] (name: {
      name = name + ".gmem.ca";
      content = "newcluster.gmem.ca";
@ -41,13 +43,16 @@
      "metube"
      "search"
      "paste"
+      "e6"
+      "red"
+      "minecraft-invites"
    ] (name: {
      name = name + ".gmem.ca";
      content = "homelab.gmem.ca";
    });
 in {
  data = {
-    "xxxxxx" = home;
-    "xxxxxx" = tailscale;
+    "bcee89" = home;
+    "74c6db" = tailscale;
  };
 }
--- a/homelab/cloudflared.yml
+++ b/homelab/cloudflared.yml
@ -93,25 +93,31 @@ data:
    credentials-file: /etc/cloudflared/creds/credentials.json
    metrics: 0.0.0.0:2000
    no-autoupdate: true
+    warp-routing:
+      enabled: true
    ingress:
    - hostname: photos.gmem.ca
-      service: http://immich-server.immich.svc.cluster.local:3001
+      service: https://homelab.gmem.ca
    - hostname: pw.gmem.ca
-      service: http://vaultwarden.vaultwarden.svc.cluster.local:80
+      service: https://homelab.gmem.ca
    - hostname: authentik.gmem.ca
-      service: http://authentik-server.authentik.svc.cluster.local:80
+      service: https://homelab.gmem.ca
    - hostname: nitter.gmem.ca
-      service: http://nitter.nitter.svc.cluster.local:8081
+      service: https://homelab.gmem.ca
    - hostname: git.gmem.ca
-      service: http://192.168.50.229
+      service: https://homelab.gmem.ca
    - hostname: proxmox.gmem.ca
-      service: http://proxmox.endpoints.svc.cluster.local:8006
+      service: https://homelab.gmem.ca
    - hostname: tokyo.gmem.ca
-      service: http://tokyo.endpoints.svc.cluster.local:8000
+      service: https://homelab.gmem.ca
    - hostname: ibiza.gmem.ca
-      service: http://ibiza.endpoints.svc.cluster.local:8000
+      service: https://homelab.gmem.ca
    - hostname: chat.gmem.ca
-      service: tcp://192.168.50.45:443
+      service: https://homelab.gmem.ca
    - hostname: paste.gmem.ca
-      service: http://tclip.tclip.svc.cluster.local:8080
+      service: https://homelab.gmem.ca
+    - hostname: e6.gmem.ca
+      service: https://homelab.gmem.ca
+    - hostname: minecraft-invites.gmem.ca
+      service: https://homelab.gmem.ca
    - service: http_status:404
--- a/homelab/endpoints.nix
+++ b/homelab/endpoints.nix
@ -1,5 +1,11 @@
 let
  endpoints = {
+    "git" = {
+      location = "192.168.50.229";
+      host = "git.gmem.ca";
+      port = 443;
+      protocol = "HTTPS";
+    };
    "proxmox" = {
      location = "192.168.50.3";
      host = "proxmox.gmem.ca";
--- a/nix/dnsmasq-floof/hardware-configuration.nix
+++ b/nix/dnsmasq-floof/hardware-configuration.nix
@ -11,8 +11,8 @@
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
    ''${builtins.fetchTarball {
-        url = "https://github.com/nix-community/disko/archive/master.tar.gz";
-        sha256 = "1wg3nnh8lrc8q8q4qyk9yynsa24qqj9126h3cy0ijq93mz46i1k7";
+        url = "https://github.com/nix-community/disko/archive/refs/tags/v1.6.1.tar.gz";
+        sha256 = "1p9vsml07bm3riw703dv83ihlmgyc11qv882qa6bqzqdgn86y8z4";
      }}/module.nix''
    ./disk-config.nix
  ];
--- a/nix/dnsmasq/hardware-configuration.nix
+++ b/nix/dnsmasq/hardware-configuration.nix
@ -11,8 +11,8 @@
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
    ''${builtins.fetchTarball {
-        url = "https://github.com/nix-community/disko/archive/master.tar.gz";
-        sha256 = "1wg3nnh8lrc8q8q4qyk9yynsa24qqj9126h3cy0ijq93mz46i1k7";
+        url = "https://github.com/nix-community/disko/archive/refs/tags/v1.6.1.tar.gz";
+        sha256 = "1p9vsml07bm3riw703dv83ihlmgyc11qv882qa6bqzqdgn86y8z4";
      }}/module.nix''
    ./disk-config.nix
  ];