hosts/greatyamada/services/_port-definitions.nix

@@ -3,8 +3,6 @@
     adguardhome = {
       dns = 53;
       http = 3001;
-      https = 4430;
-      dns_over_tls = 853;
     };
     forgejo = 3000;
     jellyfin = 8096;
@@ -26,7 +24,6 @@
     adguardhome = {
       dns = 53;
       dhcp = 67;
-      dns_over_quic = 853;
     };
     wireguard = 51820;
   };

hosts/greatyamada/services/adguardhome.nix

@@ -4,8 +4,8 @@ let
   nginxLocalServiceConfig = import ./nginx-local-config.nix;
 in {
   networking.firewall = {
-    allowedTCPPorts = with ports.tcp.adguardhome; [ dns dns_over_tls ];
-    allowedUDPPorts = with ports.udp.adguardhome; [ dns dhcp dns_over_quic ];
+    allowedTCPPorts = with ports.tcp.adguardhome; [ dns ];
+    allowedUDPPorts = with ports.udp.adguardhome; [ dns dhcp ];
   };
   services = {
     adguardhome = {
@@ -27,15 +27,6 @@ in {
           bootstrap_dns =
             [ "9.9.9.10" "149.112.112.10" "2620:fe::10" "2620:fe::fe:10" ];
         };
-        tls = {
-          enabled = true;
-          server_name = "dns.rcia.dev";
-          port_https = ports.tcp.adguardhome.https;
-          port_dns_over_tls = ports.tcp.adguardhome.dns_over_tls;
-          port_dns_over_quic = ports.udp.adguardhome.dns_over_quic;
-          certificate_path = "/var/lib/acme/rcia.dev/fullchain.pem";
-          private_key_path = "/var/lib/acme/rcia.dev/key.pem";
-        };
         dhcp = {
           enabled = true;
           interface_name = "enp5s0";
@@ -275,10 +266,9 @@ in {
     nginx.virtualHosts."dns.rcia.dev" = {
       forceSSL = true;
       locations."/".proxyPass =
-        "https://127.0.0.1:${toString ports.tcp.adguardhome.https}";
+        "http://127.0.0.1:${toString ports.tcp.adguardhome.http}";
       extraConfig = nginxLocalServiceConfig;
       useACMEHost = "rcia.dev";
     };
   };
-  users.groups.nginx.members = [ "adguardhome" ];
 }

hosts/greatyamada/services/minecraft/default.nix

@@ -179,7 +179,7 @@ in {
         };
         "~* ^/fabric_prod/(maps/[^/\\s]*/live/.*)" = {
           proxyPass = "http://127.0.0.1:${
-              toString ports.tcp.minecraft.fabric_prod.bluemap
+              toString ports.tcp.minecraft.fabric-prod.bluemap
             }/$1";
           extraConfig = ''
             error_page 502 504 = @server-offline;