htop

feat: matrix up
feat: working files and http://nixos-tulpan
2024-03-25 01:10:23 +01:00 · 2024-03-25 01:00:52 +01:00 · 2024-03-25 00:43:09 +01:00 · 2024-03-25 00:18:55 +01:00 · 2024-03-24 22:51:46 +01:00 · 2024-03-24 22:37:16 +01:00
10 changed files with 55 additions and 37 deletions
--- a/audiobooks.nix
+++ b/audiobooks.nix
@ -1,8 +1,7 @@
-{ config, ... }:
+{ ... }:

 let
  domain = "books.sondell.org";
-	# derp = "hi";
 in
 {
  # 
@ -13,14 +12,10 @@ in


  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
+    default = true;
    locations."/" = {
      proxyPass = "http://localhost:8000/";
      proxyWebsockets = true;
-      # extraConfig = ''
-      #   access_log /var/log/nginx/access.log main if=$forgejo_access_log;
-      # '';
    };
  };
 }
--- a/configuration.nix
+++ b/configuration.nix
@ -110,11 +110,15 @@
  environment.systemPackages = with pkgs; [
  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
  #  wget
+    htop
+    cloudflared
    filebrowser
+    dufs
    git
    helix
    nil
    starship
+    tailscale
  ];

  programs.fish= {
--- a/coturn.nix
+++ b/coturn.nix
@ -63,10 +63,10 @@
    group = "turnserver";
  };
  # configure synapse to point users to coturn
-  services.matrix-synapse = with config.services.coturn; {
-    turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
-    turn_shared_secret = static-auth-secret;
-    turn_user_lifetime = "1h";
-  };
+  # services.matrix-synapse = with config.services.coturn; {
+  #   turn_uris = ["turn:${realm}:3478?transport=udp" "turn:${realm}:3478?transport=tcp"];
+  #   turn_shared_secret = static-auth-secret;
+  #   turn_user_lifetime = "1h";
+  # };
 }

--- a/filebrowser.nix
+++ b/filebrowser.nix
@ -18,16 +18,25 @@ in
    };
  };

+  systemd.services.tailBrowser = with pkgs; {
+    enable = true;
+    description = "serve via tailscale filebrowser";
+    wantedBy = [ "multi-user.target" ];
+    unitConfig = {
+      After="filebrowser.target";
+    };
+    serviceConfig = {
+      ExecStart = "${tailscale}/bin/tailscale serve --http 80 localhost:8080";
+      # User= "jellyfin";
+      Type= "simple";
+    };
+  };
+

  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://localhost:8080/";
      proxyWebsockets = true;
-      # extraConfig = ''
-      #   access_log /var/log/nginx/access.log main if=$forgejo_access_log;
-      # '';
    };
  };
 }
--- a/flake.nix
+++ b/flake.nix
@ -8,14 +8,15 @@
      specialArgs = attrs;
      modules = [ 
        ./configuration.nix 
+        ./audiobooks.nix 
+        ./tunnel.nix
        ./forgejo.nix 
        ./nextcloud.nix 
-        ./audiobooks.nix 
        ./jellyfin.nix 
        ./filebrowser.nix
-        ./matrix.nix
        ./tail.nix
-        ./coturn.nix
+        ./matrix.nix
+        # ./coturn.nix  # disabled becouse tls not solved
      ];

    };
--- a/forgejo.nix
+++ b/forgejo.nix
@ -19,7 +19,6 @@ in
  };

  services.nginx = {
-    enable = true;
    appendHttpConfig = ''
      map $uri $forgejo_access_log {
        default 1;
@ -29,13 +28,8 @@ in
  };

  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://localhost:3000/";
-      # extraConfig = ''
-      #   access_log /var/log/nginx/access.log main if=$forgejo_access_log;
-      # '';
    };
  };
 }
--- a/jellyfin.nix
+++ b/jellyfin.nix
@ -12,14 +12,9 @@ in


  services.nginx.virtualHosts.${domain} = {
-    enableACME = true;
-    forceSSL = true;
    locations."/" = {
      proxyPass = "http://localhost:8096/";
      proxyWebsockets = true;
-      # extraConfig = ''
-      #   access_log /var/log/nginx/access.log main if=$forgejo_access_log;
-      # '';
    };
  };
 }
--- a/matrix.nix
+++ b/matrix.nix
@ -52,8 +52,8 @@ services.postgresql = {

  services.nginx.virtualHosts = {
    ${fqdn} = {
-      enableACME = true;
-      forceSSL = true;
+      # enableACME = true;
+      # forceSSL = true;
      locations."/".extraConfig = ''
        return 404;
      '';
@ -65,8 +65,8 @@ services.postgresql = {
    };

    ${domain} = {
-      enableACME = true;
-      forceSSL = true;
+      # enableACME = true;
+      # forceSSL = true;
      locations."/" = {
        proxyPass = "http://localhost:8008";
      };
--- a/nextcloud.nix
+++ b/nextcloud.nix
@ -17,8 +17,8 @@ in
  services = {
    nginx.virtualHosts = {
      ${domain} = {
-        forceSSL = true;
-        enableACME = true;
+        # forceSSL = true;
+        # enableACME = true;
        # Use DNS Challenege.
        # acmeRoot = null;
      };
--- a/tunnel.nix
+++ b/tunnel.nix
@ -0,0 +1,20 @@
+{...}:
+{
+  services.nginx = {
+    enable = true;
+    clientMaxBodySize = "10g";
+    defaultHTTPListenPort = 1234;
+  };
+  services.cloudflared = {
+    enable = true;
+    tunnels = {
+      "tulpan" = {
+        credentialsFile = "/etc/nixos/.secrets/tulpan-tunnel.json";
+        default = "http_status:404";
+        ingress = {
+          "*.sondell.org" = "http://localhost:1234";
+        };
+      };
+    };
+  }; 
+}
Author	SHA1	Message	Date
admin	3197673678	htop	2024-03-25 01:10:23 +01:00
admin	f13edf5e0c	feat: matrix up	2024-03-25 01:00:52 +01:00
admin	c314b245fa	feat: working files and http://nixos-tulpan	2024-03-25 00:43:09 +01:00
admin	de609b4e69	derp	2024-03-25 00:18:55 +01:00
admin	2730b695e7	feat: git, jelly file up again	2024-03-24 22:51:46 +01:00
admin	dbd396f613	feat: working tunnel with audio books	2024-03-24 22:37:16 +01:00