Use the same Cloudflare tunnel ID for all services

2025-05-04 10:24:47 +01:00 · 2025-05-04 10:24:47 +01:00 · ec5daa9a52
commit ec5daa9a52
parent f0d272038f
4 changed files with 12 additions and 28 deletions
--- a/hosts/nixedo/homelab.nix
+++ b/hosts/nixedo/homelab.nix
@ -2,17 +2,13 @@
  homelab = {
    enable = true;

+    cloudflared.tunnelId = "e1514105-327f-4984-974e-e2fbaca76466";
+
    domain = "oliverdavies.uk";

    services = {
      audiobookshelf.enable = true;
-
-      forgejo = {
-        enable = true;
-
-        cloudflared.tunnelId = "e1514105-327f-4984-974e-e2fbaca76466";
-      };
-
+      forgejo.enable = true;
      gitea-actions-runner.enable = true;
      home-assistant.enable = true;
      homepage-dashboard.enable = true;
@ -21,12 +17,7 @@
      paperless.enable = true;
      tubearchivist.enable = true;
      uptime-kuma.enable = true;
-
-      vaultwarden = {
-        enable = true;
-
-        cloudflared.tunnelId = "41feb37d-a0f5-4c21-80c8-36ab63ec3b17";
-      };
+      vaultwarden.enable = true;
    };
  };
 }
--- a/hosts/nixedo/modules/default.nix
+++ b/hosts/nixedo/modules/default.nix
@ -6,6 +6,11 @@ with lib;
  options.homelab = {
    enable = mkEnableOption "Enable homelab services and configuration";

+    cloudflared.tunnelId = mkOption {
+      example = "00000000-0000-0000-0000-000000000000";
+      type = types.str;
+    };
+
    domain = mkOption {
      description = "The base domain to use for this homelab.";
      type = types.str;
--- a/hosts/nixedo/modules/forgejo.nix
+++ b/hosts/nixedo/modules/forgejo.nix
@ -16,11 +16,6 @@ in
      type = types.str;
    };

-    cloudflared.tunnelId = mkOption {
-      example = "00000000-0000-0000-0000-000000000000";
-      type = types.str;
-    };
-
    homepage.name = mkOption {
      default = "Forgejo";
      type = types.str;
@ -58,7 +53,7 @@ in
        };
      };

-      cloudflared.tunnels.${cfg.cloudflared.tunnelId}.ingress = {
+      cloudflared.tunnels.${homelab.cloudflared.tunnelId}.ingress = {
        ${cfg.url} = "http://localhost:${toString config.services.${service}.settings.server.HTTP_PORT}";
      };
    };
--- a/hosts/nixedo/services/vaultwarden.nix
+++ b/hosts/nixedo/services/vaultwarden.nix
@ -21,11 +21,6 @@ in
      type = types.str;
    };

-    cloudflared.tunnelId = mkOption {
-      example = "00000000-0000-0000-0000-000000000000";
-      type = types.str;
-    };
-
    homepage.name = mkOption {
      default = "Vaultwarden";
      type = types.str;
@ -60,10 +55,8 @@ in
        };
      };

-      cloudflared.tunnels.${cfg.cloudflared.tunnelId} = {
-        credentialsFile = config.age.secrets.cloudflared.path;
-        default = "http_status:404";
-        ingress."${cfg.url}".service = "http://${config.services.${service}.config.ROCKET_ADDRESS}:${
+      cloudflared.tunnels.${homelab.cloudflared.tunnelId}.ingress = {
+        "${cfg.url}" = "http://${config.services.${service}.config.ROCKET_ADDRESS}:${
          toString config.services.${service}.config.ROCKET_PORT
        }";
      };