Compare commits
No commits in common. "31976736789cfd7df766cc51c5244db7f262f7e0" and "d4a85d3d9186beb7ff2823bceba8d670f7adb85d" have entirely different histories.
3197673678
...
d4a85d3d91
|
|
@ -1,7 +1,8 @@
|
|||
{ ... }:
|
||||
{ config, ... }:
|
||||
|
||||
let
|
||||
domain = "books.sondell.org";
|
||||
# derp = "hi";
|
||||
in
|
||||
{
|
||||
#
|
||||
|
|
@ -12,10 +13,14 @@ in
|
|||
|
||||
|
||||
services.nginx.virtualHosts.${domain} = {
|
||||
default = true;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8000/";
|
||||
proxyWebsockets = true;
|
||||
# extraConfig = ''
|
||||
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
|
||||
# '';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,15 +110,11 @@
|
|||
environment.systemPackages = with pkgs; [
|
||||
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||||
# wget
|
||||
htop
|
||||
cloudflared
|
||||
filebrowser
|
||||
dufs
|
||||
git
|
||||
helix
|
||||
nil
|
||||
starship
|
||||
tailscale
|
||||
];
|
||||
|
||||
programs.fish= {
|
||||
|
|
|
|||
10
coturn.nix
10
coturn.nix
|
|
@ -63,10 +63,10 @@
|
|||
group = "turnserver";
|
||||
};
|
||||
# configure synapse to point users to coturn
|
||||
# services.matrix-synapse = with config.services.coturn; {
|
||||
# turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
|
||||
# turn_shared_secret = static-auth-secret;
|
||||
# turn_user_lifetime = "1h";
|
||||
# };
|
||||
services.matrix-synapse = with config.services.coturn; {
|
||||
turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
|
||||
turn_shared_secret = static-auth-secret;
|
||||
turn_user_lifetime = "1h";
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -18,25 +18,16 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
systemd.services.tailBrowser = with pkgs; {
|
||||
enable = true;
|
||||
description = "serve via tailscale filebrowser";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
unitConfig = {
|
||||
After="filebrowser.target";
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStart = "${tailscale}/bin/tailscale serve --http 80 localhost:8080";
|
||||
# User= "jellyfin";
|
||||
Type= "simple";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
services.nginx.virtualHosts.${domain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8080/";
|
||||
proxyWebsockets = true;
|
||||
# extraConfig = ''
|
||||
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
|
||||
# '';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,15 +8,14 @@
|
|||
specialArgs = attrs;
|
||||
modules = [
|
||||
./configuration.nix
|
||||
./audiobooks.nix
|
||||
./tunnel.nix
|
||||
./forgejo.nix
|
||||
./nextcloud.nix
|
||||
./audiobooks.nix
|
||||
./jellyfin.nix
|
||||
./filebrowser.nix
|
||||
./tail.nix
|
||||
./matrix.nix
|
||||
# ./coturn.nix # disabled becouse tls not solved
|
||||
./tail.nix
|
||||
./coturn.nix
|
||||
];
|
||||
|
||||
};
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ in
|
|||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
appendHttpConfig = ''
|
||||
map $uri $forgejo_access_log {
|
||||
default 1;
|
||||
|
|
@ -28,8 +29,13 @@ in
|
|||
};
|
||||
|
||||
services.nginx.virtualHosts.${domain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:3000/";
|
||||
# extraConfig = ''
|
||||
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
|
||||
# '';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,9 +12,14 @@ in
|
|||
|
||||
|
||||
services.nginx.virtualHosts.${domain} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8096/";
|
||||
proxyWebsockets = true;
|
||||
# extraConfig = ''
|
||||
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
|
||||
# '';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -52,8 +52,8 @@ services.postgresql = {
|
|||
|
||||
services.nginx.virtualHosts = {
|
||||
${fqdn} = {
|
||||
# enableACME = true;
|
||||
# forceSSL = true;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".extraConfig = ''
|
||||
return 404;
|
||||
'';
|
||||
|
|
@ -65,8 +65,8 @@ services.postgresql = {
|
|||
};
|
||||
|
||||
${domain} = {
|
||||
# enableACME = true;
|
||||
# forceSSL = true;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:8008";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ in
|
|||
services = {
|
||||
nginx.virtualHosts = {
|
||||
${domain} = {
|
||||
# forceSSL = true;
|
||||
# enableACME = true;
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
# Use DNS Challenege.
|
||||
# acmeRoot = null;
|
||||
};
|
||||
|
|
|
|||
20
tunnel.nix
20
tunnel.nix
|
|
@ -1,20 +0,0 @@
|
|||
{...}:
|
||||
{
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
clientMaxBodySize = "10g";
|
||||
defaultHTTPListenPort = 1234;
|
||||
};
|
||||
services.cloudflared = {
|
||||
enable = true;
|
||||
tunnels = {
|
||||
"tulpan" = {
|
||||
credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json";
|
||||
default = "http_status:404";
|
||||
ingress = {
|
||||
"*.sondell.org" = "http://localhost:1234";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Reference in a new issue