From dbd396f613d28103a998d8e5e3a1b52f3968fb79 Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 24 Mar 2024 22:37:16 +0100 Subject: [PATCH 1/6] feat: working tunnel with audio books --- audiobooks.nix | 10 +++------- configuration.nix | 1 + flake.nix | 15 ++++++++------- tunnel.nix | 15 +++++++++++++++ 4 files changed, 27 insertions(+), 14 deletions(-) create mode 100644 tunnel.nix diff --git a/audiobooks.nix b/audiobooks.nix index 02cb859..090d809 100644 --- a/audiobooks.nix +++ b/audiobooks.nix @@ -1,8 +1,7 @@ -{ config, ... }: +{ ... }: let domain = "books.sondell.org"; - # derp = "hi"; in { # @@ -11,16 +10,13 @@ in port = 8000; }; + services.nginx.enable = true; services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; + default = true; locations."/" = { proxyPass = "http://localhost:8000/"; proxyWebsockets = true; - # extraConfig = '' - # access_log /var/log/nginx/access.log main if=$forgejo_access_log; - # ''; }; }; } diff --git a/configuration.nix b/configuration.nix index 5b86ee0..9043a0f 100644 --- a/configuration.nix +++ b/configuration.nix @@ -110,6 +110,7 @@ environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget + cloudflared filebrowser git helix diff --git a/flake.nix b/flake.nix index b4b2d7c..b411e45 100644 --- a/flake.nix +++ b/flake.nix @@ -8,14 +8,15 @@ specialArgs = attrs; modules = [ ./configuration.nix - ./forgejo.nix - ./nextcloud.nix ./audiobooks.nix - ./jellyfin.nix - ./filebrowser.nix - ./matrix.nix - ./tail.nix - ./coturn.nix + ./tunnel.nix + # ./forgejo.nix + # ./nextcloud.nix + # ./jellyfin.nix + # ./filebrowser.nix + # ./matrix.nix + # ./tail.nix + # ./coturn.nix ]; }; diff --git a/tunnel.nix b/tunnel.nix new file mode 100644 index 0000000..963a0a9 --- /dev/null +++ b/tunnel.nix @@ -0,0 +1,15 @@ +{...}: +{ + services.cloudflared = { + enable = true; + tunnels = { + "tulpan" = { + credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json"; + default = "http_status:404"; + ingress = { + "*.sondell.org" = "http://localhost:80"; + }; + }; + }; +}; +} From 2730b695e7cc274989ae125c3c54d0ee083cdc4b Mon Sep 17 00:00:00 2001 From: admin Date: Sun, 24 Mar 2024 22:51:46 +0100 Subject: [PATCH 2/6] feat: git, jelly file up again --- audiobooks.nix | 1 - filebrowser.nix | 5 ----- flake.nix | 6 +++--- forgejo.nix | 6 ------ jellyfin.nix | 5 ----- matrix.nix | 8 ++++---- nextcloud.nix | 4 ++-- tunnel.nix | 1 + 8 files changed, 10 insertions(+), 26 deletions(-) diff --git a/audiobooks.nix b/audiobooks.nix index 090d809..7c6574d 100644 --- a/audiobooks.nix +++ b/audiobooks.nix @@ -10,7 +10,6 @@ in port = 8000; }; - services.nginx.enable = true; services.nginx.virtualHosts.${domain} = { default = true; diff --git a/filebrowser.nix b/filebrowser.nix index 5cf3325..e6fba73 100644 --- a/filebrowser.nix +++ b/filebrowser.nix @@ -20,14 +20,9 @@ in services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; locations."/" = { proxyPass = "http://localhost:8080/"; proxyWebsockets = true; - # extraConfig = '' - # access_log /var/log/nginx/access.log main if=$forgejo_access_log; - # ''; }; }; } diff --git a/flake.nix b/flake.nix index b411e45..9ebf30f 100644 --- a/flake.nix +++ b/flake.nix @@ -10,10 +10,10 @@ ./configuration.nix ./audiobooks.nix ./tunnel.nix - # ./forgejo.nix + ./forgejo.nix # ./nextcloud.nix - # ./jellyfin.nix - # ./filebrowser.nix + ./jellyfin.nix + ./filebrowser.nix # ./matrix.nix # ./tail.nix # ./coturn.nix diff --git a/forgejo.nix b/forgejo.nix index 123bbc7..bc93c06 100644 --- a/forgejo.nix +++ b/forgejo.nix @@ -19,7 +19,6 @@ in }; services.nginx = { - enable = true; appendHttpConfig = '' map $uri $forgejo_access_log { default 1; @@ -29,13 +28,8 @@ in }; services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; locations."/" = { proxyPass = "http://localhost:3000/"; - # extraConfig = '' - # access_log /var/log/nginx/access.log main if=$forgejo_access_log; - # ''; }; }; } diff --git a/jellyfin.nix b/jellyfin.nix index 0675dcb..a214af7 100644 --- a/jellyfin.nix +++ b/jellyfin.nix @@ -12,14 +12,9 @@ in services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; locations."/" = { proxyPass = "http://localhost:8096/"; proxyWebsockets = true; - # extraConfig = '' - # access_log /var/log/nginx/access.log main if=$forgejo_access_log; - # ''; }; }; } diff --git a/matrix.nix b/matrix.nix index cc2d4c5..2b19a33 100644 --- a/matrix.nix +++ b/matrix.nix @@ -52,8 +52,8 @@ services.postgresql = { services.nginx.virtualHosts = { ${fqdn} = { - enableACME = true; - forceSSL = true; + # enableACME = true; + # forceSSL = true; locations."/".extraConfig = '' return 404; ''; @@ -65,8 +65,8 @@ services.postgresql = { }; ${domain} = { - enableACME = true; - forceSSL = true; + # enableACME = true; + # forceSSL = true; locations."/" = { proxyPass = "http://localhost:8008"; }; diff --git a/nextcloud.nix b/nextcloud.nix index 02d9610..e3b8382 100644 --- a/nextcloud.nix +++ b/nextcloud.nix @@ -17,8 +17,8 @@ in services = { nginx.virtualHosts = { ${domain} = { - forceSSL = true; - enableACME = true; + # forceSSL = true; + # enableACME = true; # Use DNS Challenege. # acmeRoot = null; }; diff --git a/tunnel.nix b/tunnel.nix index 963a0a9..8591e7c 100644 --- a/tunnel.nix +++ b/tunnel.nix @@ -1,5 +1,6 @@ {...}: { + services.nginx.enable = true; services.cloudflared = { enable = true; tunnels = { From de609b4e69f1dd03386b49533d02eaf6725979c7 Mon Sep 17 00:00:00 2001 From: admin Date: Mon, 25 Mar 2024 00:18:55 +0100 Subject: [PATCH 3/6] derp --- configuration.nix | 2 ++ filebrowser.nix | 14 ++++++++++++++ flake.nix | 4 ++-- tunnel.nix | 25 ++++++++++++++----------- 4 files changed, 32 insertions(+), 13 deletions(-) diff --git a/configuration.nix b/configuration.nix index 9043a0f..5ae6dfe 100644 --- a/configuration.nix +++ b/configuration.nix @@ -112,10 +112,12 @@ # wget cloudflared filebrowser + dufs git helix nil starship + tailscale ]; programs.fish= { diff --git a/filebrowser.nix b/filebrowser.nix index e6fba73..5d346c6 100644 --- a/filebrowser.nix +++ b/filebrowser.nix @@ -18,6 +18,20 @@ in }; }; + systemd.services.tailBrowser = with pkgs; { + enable = true; + description = "serve via tailscale filebrowser"; + wantedBy = [ "multi-user.target" ]; + unitConfig = { + After="filebrowser.target"; + }; + serviceConfig = { + ExecStart = "${tailscale}/bin/tailscale serve --http 80 localhost:8080"; + # User= "jellyfin"; + Type= "simple"; + }; + }; + services.nginx.virtualHosts.${domain} = { locations."/" = { diff --git a/flake.nix b/flake.nix index 9ebf30f..7eaca98 100644 --- a/flake.nix +++ b/flake.nix @@ -11,11 +11,11 @@ ./audiobooks.nix ./tunnel.nix ./forgejo.nix - # ./nextcloud.nix + ./nextcloud.nix ./jellyfin.nix ./filebrowser.nix + ./tail.nix # ./matrix.nix - # ./tail.nix # ./coturn.nix ]; diff --git a/tunnel.nix b/tunnel.nix index 8591e7c..51eadf2 100644 --- a/tunnel.nix +++ b/tunnel.nix @@ -1,16 +1,19 @@ {...}: { - services.nginx.enable = true; - services.cloudflared = { - enable = true; - tunnels = { - "tulpan" = { - credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json"; - default = "http_status:404"; - ingress = { - "*.sondell.org" = "http://localhost:80"; + services.nginx = { + enable = true; + clientMaxBodySize = "10g"; + }; + services.cloudflared = { + enable = true; + tunnels = { + "tulpan" = { + credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json"; + default = "http_status:404"; + ingress = { + "*.sondell.org" = "http://localhost:80"; + }; }; }; - }; -}; + }; } From c314b245fa27bcef1ca6dc60c29eb24be388aeba Mon Sep 17 00:00:00 2001 From: admin Date: Mon, 25 Mar 2024 00:43:09 +0100 Subject: [PATCH 4/6] feat: working files and http://nixos-tulpan --- tunnel.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tunnel.nix b/tunnel.nix index 51eadf2..739c85e 100644 --- a/tunnel.nix +++ b/tunnel.nix @@ -3,6 +3,7 @@ services.nginx = { enable = true; clientMaxBodySize = "10g"; + defaultHTTPListenPort = 1234; }; services.cloudflared = { enable = true; @@ -11,7 +12,7 @@ credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json"; default = "http_status:404"; ingress = { - "*.sondell.org" = "http://localhost:80"; + "*.sondell.org" = "http://localhost:1234"; }; }; }; From f13edf5e0c6afdeab94604758c5b7b44d7f6dd66 Mon Sep 17 00:00:00 2001 From: admin Date: Mon, 25 Mar 2024 01:00:52 +0100 Subject: [PATCH 5/6] feat: matrix up --- coturn.nix | 10 +++++----- flake.nix | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/coturn.nix b/coturn.nix index 6354b40..ec5e853 100644 --- a/coturn.nix +++ b/coturn.nix @@ -63,10 +63,10 @@ group = "turnserver"; }; # configure synapse to point users to coturn - services.matrix-synapse = with config.services.coturn; { - turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"]; - turn_shared_secret = static-auth-secret; - turn_user_lifetime = "1h"; - }; + # services.matrix-synapse = with config.services.coturn; { + # turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"]; + # turn_shared_secret = static-auth-secret; + # turn_user_lifetime = "1h"; + # }; } diff --git a/flake.nix b/flake.nix index 7eaca98..12caad0 100644 --- a/flake.nix +++ b/flake.nix @@ -15,8 +15,8 @@ ./jellyfin.nix ./filebrowser.nix ./tail.nix - # ./matrix.nix - # ./coturn.nix + ./matrix.nix + # ./coturn.nix # disabled becouse tls not solved ]; }; From 31976736789cfd7df766cc51c5244db7f262f7e0 Mon Sep 17 00:00:00 2001 From: admin Date: Mon, 25 Mar 2024 01:10:23 +0100 Subject: [PATCH 6/6] htop --- configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/configuration.nix b/configuration.nix index 5ae6dfe..2e30133 100644 --- a/configuration.nix +++ b/configuration.nix @@ -110,6 +110,7 @@ environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget + htop cloudflared filebrowser dufs