feat: add internal proxy to high-volume applications at home

2024-05-20 02:30:17 +02:00 · 2024-05-20 02:30:17 +02:00 · 20a5e1e66a
commit 20a5e1e66a
parent b01c521830
32 changed files with 301 additions and 21 deletions
--- a/hosts/ward/guests/adguardhome.nix
+++ b/hosts/ward/guests/adguardhome.nix
@ -74,23 +74,26 @@ in {
        ];
        dhcp.enabled = false;
      };
-      filtering.rewrites = [
-        # Undo the /etc/hosts entry so we don't answer with the internal
-        # wireguard address for influxdb
-        {
-          domain = nodes.sentinel.config.networking.providedDomains.influxdb;
-          answer = config.repo.secrets.global.domains.me;
-        }
+      filtering.rewrites =
+        [
+          # Undo the /etc/hosts entry so we don't answer with the internal
+          # wireguard address for influxdb
+          {
+            domain = nodes.sentinel.config.networking.providedDomains.influxdb;
+            answer = config.repo.secrets.global.domains.me;
+          }
+        ]
        # Use the local mirror-proxy for some services (not necessary, just for speed)
-        {
-          domain = nodes.sentinel.config.networking.providedDomains.grafana;
-          answer = "192.168.1.4"; # web-proxy
-        }
-        {
-          domain = nodes.sentinel.config.networking.providedDomains.immich;
-          answer = "192.168.1.4"; # web-proxy
-        }
-      ];
+        ++ map (domain: {
+          inherit domain;
+          answer = "192.168.1.4";
+        }) [
+          nodes.sentinel.config.networking.providedDomains.grafana
+          nodes.sentinel.config.networking.providedDomains.immich
+          nodes.sentinel.config.networking.providedDomains.influxdb
+          nodes.sentinel.config.networking.providedDomains.loki
+          nodes.sentinel.config.networking.providedDomains.paperless
+        ];
      filters = [
        {
          name = "AdGuard DNS filter";