glennwso/nixos-selfhost
1
0
Fork 0
Code Issues 2 Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: glennwso:31976736789cfd7df766cc51c5244db7f262f7e0
Branches Tags
glennwso:main
glennwso:rebase
..
compare: glennwso:d4a85d3d9186beb7ff2823bceba8d670f7adb85d
Branches Tags
glennwso:main
glennwso:rebase

No commits in common. "31976736789cfd7df766cc51c5244db7f262f7e0" and "d4a85d3d9186beb7ff2823bceba8d670f7adb85d" have entirely different histories.
3197673678 ... d4a85d3d91

10 changed files with 37 additions and 55 deletions
Show stats Expand all files Collapse all files

9
audiobooks.nix
View file

@ -1,7 +1,8 @@
{ ... }: { config, ... }:
let let
domain = "books.sondell.org"; domain = "books.sondell.org";
# derp = "hi";
in in
{ {
# #
@ -12,10 +13,14 @@ in
services.nginx.virtualHosts.${domain} = { services.nginx.virtualHosts.${domain} = {
default = true; enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:8000/"; proxyPass = "http://localhost:8000/";
proxyWebsockets = true; proxyWebsockets = true;
# extraConfig = ''
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
# '';
}; };
}; };
} }

4
configuration.nix
View file

@ -110,15 +110,11 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
htop
cloudflared
filebrowser filebrowser
dufs
git git
helix helix
nil nil
starship starship
tailscale
]; ];
programs.fish= { programs.fish= {

10
coturn.nix
View file

@ -63,10 +63,10 @@
group = "turnserver"; group = "turnserver";
}; };
# configure synapse to point users to coturn # configure synapse to point users to coturn
# services.matrix-synapse = with config.services.coturn; { services.matrix-synapse = with config.services.coturn; {
# turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"]; turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
# turn_shared_secret = static-auth-secret; turn_shared_secret = static-auth-secret;
# turn_user_lifetime = "1h"; turn_user_lifetime = "1h";
# }; };
} }

19
filebrowser.nix
View file

@ -18,25 +18,16 @@ in
}; };
}; };
systemd.services.tailBrowser = with pkgs; {
enable = true;
description = "serve via tailscale filebrowser";
wantedBy = [ "multi-user.target" ];
unitConfig = {
After="filebrowser.target";
};
serviceConfig = {
ExecStart = "${tailscale}/bin/tailscale serve --http 80 localhost:8080";
# User= "jellyfin";
Type= "simple";
};
};
services.nginx.virtualHosts.${domain} = { services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:8080/"; proxyPass = "http://localhost:8080/";
proxyWebsockets = true; proxyWebsockets = true;
# extraConfig = ''
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
# '';
}; };
}; };
} }

7
flake.nix
View file

@ -8,15 +8,14 @@
specialArgs = attrs; specialArgs = attrs;
modules = [ modules = [
./configuration.nix ./configuration.nix
./audiobooks.nix
./tunnel.nix
./forgejo.nix ./forgejo.nix
./nextcloud.nix ./nextcloud.nix
./audiobooks.nix
./jellyfin.nix ./jellyfin.nix
./filebrowser.nix ./filebrowser.nix
./tail.nix
./matrix.nix ./matrix.nix
# ./coturn.nix # disabled becouse tls not solved ./tail.nix
./coturn.nix
]; ];
}; };

6
forgejo.nix
View file

@ -19,6 +19,7 @@ in
}; };
services.nginx = { services.nginx = {
enable = true;
appendHttpConfig = '' appendHttpConfig = ''
map $uri $forgejo_access_log { map $uri $forgejo_access_log {
default 1; default 1;
@ -28,8 +29,13 @@ in
}; };
services.nginx.virtualHosts.${domain} = { services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:3000/"; proxyPass = "http://localhost:3000/";
# extraConfig = ''
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
# '';
}; };
}; };
} }

5
jellyfin.nix
View file

@ -12,9 +12,14 @@ in
services.nginx.virtualHosts.${domain} = { services.nginx.virtualHosts.${domain} = {
enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:8096/"; proxyPass = "http://localhost:8096/";
proxyWebsockets = true; proxyWebsockets = true;
# extraConfig = ''
# access_log /var/log/nginx/access.log main if=$forgejo_access_log;
# '';
}; };
}; };
} }

8
matrix.nix
View file

@ -52,8 +52,8 @@ services.postgresql = {
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
${fqdn} = { ${fqdn} = {
# enableACME = true; enableACME = true;
# forceSSL = true; forceSSL = true;
locations."/".extraConfig = '' locations."/".extraConfig = ''
return 404; return 404;
''; '';
@ -65,8 +65,8 @@ services.postgresql = {
}; };
${domain} = { ${domain} = {
# enableACME = true; enableACME = true;
# forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:8008"; proxyPass = "http://localhost:8008";
}; };

4
nextcloud.nix
View file

@ -17,8 +17,8 @@ in
services = { services = {
nginx.virtualHosts = { nginx.virtualHosts = {
${domain} = { ${domain} = {
# forceSSL = true; forceSSL = true;
# enableACME = true; enableACME = true;
# Use DNS Challenege. # Use DNS Challenege.
# acmeRoot = null; # acmeRoot = null;
}; };

20
tunnel.nix
View file

@ -1,20 +0,0 @@
{...}:
{
services.nginx = {
enable = true;
clientMaxBodySize = "10g";
defaultHTTPListenPort = 1234;
};
services.cloudflared = {
enable = true;
tunnels = {
"tulpan" = {
credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json";
default = "http_status:404";
ingress = {
"*.sondell.org" = "http://localhost:1234";
};
};
};
};
}