treewide: update domains for some services
This commit is contained in:
parent
d305459834
commit
7bcb08990f
|
@ -61,9 +61,9 @@ resource "cloudflare_zero_trust_access_identity_provider" "oidc_keycloak" {
|
|||
config {
|
||||
client_id = "cloudflare"
|
||||
client_secret = local.secrets.cloudflare.keycloak_oidc_secret
|
||||
auth_url = "https://keycloak.rebmit.moe/realms/rebmit/protocol/openid-connect/auth"
|
||||
token_url = "https://keycloak.rebmit.moe/realms/rebmit/protocol/openid-connect/token"
|
||||
certs_url = "https://keycloak.rebmit.moe/realms/rebmit/protocol/openid-connect/certs"
|
||||
auth_url = "https://id.rebmit.moe/realms/rebmit/protocol/openid-connect/auth"
|
||||
token_url = "https://id.rebmit.moe/realms/rebmit/protocol/openid-connect/token"
|
||||
certs_url = "https://id.rebmit.moe/realms/rebmit/protocol/openid-connect/certs"
|
||||
scopes = ["openid", "email", "profile"]
|
||||
}
|
||||
}
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -16,7 +16,7 @@
|
|||
http-host = "127.0.0.1";
|
||||
http-port = config.networking.ports.keycloak;
|
||||
proxy-headers = "xforwarded";
|
||||
hostname = "keycloak.rebmit.moe";
|
||||
hostname = "id.rebmit.moe";
|
||||
cache = "local";
|
||||
};
|
||||
};
|
||||
|
@ -25,7 +25,7 @@
|
|||
MemoryDenyWriteExecute = false;
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."keycloak.rebmit.moe" = {
|
||||
services.caddy.virtualHosts."id.rebmit.moe" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy ${config.services.keycloak.settings.http-host}:${toString config.services.keycloak.settings.http-port}
|
||||
'';
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
withJemalloc = true;
|
||||
settings = {
|
||||
server_name = "rebmit.moe";
|
||||
public_baseurl = "https://matrix.rebmit.moe";
|
||||
public_baseurl = "https://chat.rebmit.moe";
|
||||
|
||||
dynamic_thumbnails = true;
|
||||
enable_registration = true;
|
||||
|
@ -48,8 +48,8 @@
|
|||
oidc_providers = [
|
||||
{
|
||||
idp_id = "keycloak";
|
||||
idp_name = "keycloak.rebmit.moe";
|
||||
issuer = "https://keycloak.rebmit.moe/realms/rebmit";
|
||||
idp_name = "id.rebmit.moe";
|
||||
issuer = "https://id.rebmit.moe/realms/rebmit";
|
||||
client_id = "synapse";
|
||||
client_secret_path = config.sops.secrets."synapse/oidc-client-secret".path;
|
||||
scopes = [
|
||||
|
@ -72,7 +72,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."matrix.rebmit.moe" = {
|
||||
services.caddy.virtualHosts."chat.rebmit.moe" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy /_matrix/* 127.0.0.1:${toString config.networking.ports.matrix-synapse}
|
||||
reverse_proxy /_synapse/* 127.0.0.1:${toString config.networking.ports.matrix-synapse}
|
||||
|
|
|
@ -3,19 +3,19 @@
|
|||
services.miniflux = {
|
||||
enable = true;
|
||||
config = rec {
|
||||
BASE_URL = "https://miniflux.rebmit.moe";
|
||||
BASE_URL = "https://rss.rebmit.moe";
|
||||
LISTEN_ADDR = "127.0.0.1:${toString config.networking.ports.miniflux}";
|
||||
CREATE_ADMIN = 0;
|
||||
OAUTH2_PROVIDER = "oidc";
|
||||
OAUTH2_CLIENT_ID = "miniflux";
|
||||
OAUTH2_REDIRECT_URL = "${BASE_URL}/oauth2/oidc/callback";
|
||||
OAUTH2_OIDC_PROVIDER_NAME = "keycloak.rebmit.moe";
|
||||
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://keycloak.rebmit.moe/realms/rebmit";
|
||||
OAUTH2_OIDC_PROVIDER_NAME = "id.rebmit.moe";
|
||||
OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://id.rebmit.moe/realms/rebmit";
|
||||
OAUTH2_USER_CREATION = 1;
|
||||
};
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."miniflux.rebmit.moe" = {
|
||||
services.caddy.virtualHosts."rss.rebmit.moe" = {
|
||||
extraConfig = ''
|
||||
reverse_proxy ${config.services.miniflux.config.LISTEN_ADDR}
|
||||
'';
|
||||
|
|
|
@ -105,9 +105,9 @@ in
|
|||
{
|
||||
targets = [
|
||||
"https://rebmit.moe"
|
||||
"https://keycloak.rebmit.moe"
|
||||
"https://matrix.rebmit.moe"
|
||||
"https://miniflux.rebmit.moe"
|
||||
"https://chat.rebmit.moe"
|
||||
"https://id.rebmit.moe"
|
||||
"https://rss.rebmit.moe"
|
||||
];
|
||||
}
|
||||
];
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
header Access-Control-Allow-Origin *
|
||||
respond /.well-known/matrix/server `${
|
||||
builtins.toJSON {
|
||||
"m.server" = "matrix.rebmit.moe:443";
|
||||
"m.server" = "chat.rebmit.moe:443";
|
||||
}
|
||||
}`
|
||||
respond /.well-known/matrix/client `${
|
||||
builtins.toJSON {
|
||||
"m.homeserver" = {
|
||||
"base_url" = "https://matrix.rebmit.moe";
|
||||
"base_url" = "https://chat.rebmit.moe";
|
||||
};
|
||||
}
|
||||
}`
|
||||
|
|
|
@ -44,11 +44,11 @@ dns.lib.toString "rebmit.moe" {
|
|||
MX = with mx; [ (mx 10 "suwako-vie1.rebmit.link.") ];
|
||||
TXT = [ (with spf; soft [ "mx" ]) ];
|
||||
subdomains = {
|
||||
keycloak.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
matrix.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
miniflux.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
chat.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
id.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
ntfy.CNAME = [ "fallback.workers.moe." ];
|
||||
prometheus.CNAME = [ "fallback.workers.moe." ];
|
||||
rss.CNAME = [ "suwako-vie0.rebmit.link." ];
|
||||
vault.CNAME = [ "suwako-vie1.rebmit.link." ];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue