From 8ce67ac79ff3db29d0d7eb8745ecee70dc7fbe0a Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.me>
Date: Mon, 7 Oct 2024 21:02:40 -0700
Subject: containers: move caddy virtual hosts to container files

---
 modules/server/networking/caddy.nix | 30 -------------------
 modules/server/networking/tor.nix   | 58 ++++++++++++++++++++-----------------
 2 files changed, 31 insertions(+), 57 deletions(-)

(limited to 'modules/server/networking')

diff --git a/modules/server/networking/caddy.nix b/modules/server/networking/caddy.nix
index a95ff5d..fe07ed4 100644
--- a/modules/server/networking/caddy.nix
+++ b/modules/server/networking/caddy.nix
@@ -11,35 +11,5 @@
   services.caddy = {
     enable = true;
     package = pkgs.caddy-tailscale;
-
-    virtualHosts =
-      let
-        onion = "fuwnme4wbs5x36jjf2usedw2zscozwhazykhyfkjsmudtb7egs3mb7yd.onion";
-      in
-      {
-        "mayu.due.moe".extraConfig = "reverse_proxy localhost:8098";
-        "counter.due.moe".extraConfig = "reverse_proxy localhost:8098";
-        "bin.fuwn.me".extraConfig = "reverse_proxy localhost:8090";
-        "status.due.moe".extraConfig = "reverse_proxy localhost:8099";
-        "beszel.fuwn.me".extraConfig = "reverse_proxy localhost:8083";
-        ${onion}.extraConfig = "reverse_proxy localhost:8084";
-
-        "fuwn.me".extraConfig = ''
-          reverse_proxy localhost:8084
-
-          header Onion-Location http://${onion}{path}
-
-          @blocked {
-            path /proxy/illegaldrugs.net/cgi-bin/news.php*
-            path /proxy/scholasticdiversity.us.to/scriptures/*
-            path /proxy/jsreed5.org/oeis/*
-          }
-          respond @blocked 403
-
-          @no_forwarded_for not header X-Forwarded-For *
-          request_header @no_forwarded_for X-Forwarded-For {remote_host}
-          respond /whoami {header.X-Forwarded-For} 200
-        '';
-      };
   };
 }
diff --git a/modules/server/networking/tor.nix b/modules/server/networking/tor.nix
index ab9afcc..05e7fb7 100644
--- a/modules/server/networking/tor.nix
+++ b/modules/server/networking/tor.nix
@@ -1,37 +1,41 @@
 {
-  services.tor = {
-    enable = true;
-    enableGeoIP = false;
+  services = {
+    caddy.virtualHosts."fuwnme4wbs5x36jjf2usedw2zscozwhazykhyfkjsmudtb7egs3mb7yd.onion".extraConfig = "reverse_proxy localhost:8084";
 
-    relay.onionServices = {
-      "fuwn.me" = {
-        version = 3;
+    tor = {
+      enable = true;
+      enableGeoIP = false;
 
-        map = [
-          {
-            port = 80;
+      relay.onionServices = {
+        "fuwn.me" = {
+          version = 3;
 
-            target = {
-              addr = "[::1]";
-              port = 8084;
-            };
-          }
-          {
-            port = 80;
+          map = [
+            {
+              port = 80;
 
-            target = {
-              addr = "0.0.0.0";
-              port = 8084;
-            };
-          }
-        ];
+              target = {
+                addr = "[::1]";
+                port = 8084;
+              };
+            }
+            {
+              port = 80;
+
+              target = {
+                addr = "0.0.0.0";
+                port = 8084;
+              };
+            }
+          ];
+        };
       };
-    };
 
-    settings = {
-      ClientUseIPv4 = true;
-      ClientUseIPv6 = true;
-      ClientPreferIPv6ORPort = true;
+      settings = {
+        ClientUseIPv4 = true;
+        ClientUseIPv6 = true;
+        ClientPreferIPv6ORPort = true;
+      };
     };
   };
 }
-- 
cgit v1.2.3