Services
All services run behind Caddy with Cloudflare DNS TLS. Most use the mkService factory which provides systemd units, dedicated users, reverse proxy, backup integration, and port conflict detection.
Live status
- Dashboard: infra.dunkirk.sh
- Machine manifest:
nix eval --json .#services-manifestor/services.json
Service documentation
These services have detailed option references and architecture notes:
- bore — HTTP/TCP/UDP tunnel proxy with optional OAuth
- cedarlogic — circuit simulator with WebSocket collaboration
- control — admin dashboard for Caddy feature toggles
- emojibot — multi-instance Slack emoji management
- herald — git SSH hosting with email via SMTP/DKIM
- knot-sync — mirrors Tangled knot repos to GitHub on cron
For all other services, check the manifest or the module source in modules/nixos/services/.