jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

disabled all /mnt/pool dependent servers

Browse Source
This commit is contained in:
Danilo Reyes
2024-01-10 11:39:01 -06:00
parent dcc2d9a6c1
commit 0dbf16ac98
5 changed files with 443 additions and 439 deletions
Download Patch File Download Diff File Expand all files Collapse all files

242
server/nginx.nix
View File

@@ -65,13 +65,13 @@ in {
'';
};
in {
"movies.${domain}" = proxyArr radarrPort // { };
"indexer.${domain}" = proxyArr prowlarrPort // { };
"music.${domain}" = proxyArr lidarrPort // { };
"library.${domain}" = proxy kavitaPort // { };
# "movies.${domain}" = proxyArr radarrPort // { };
# "indexer.${domain}" = proxyArr prowlarrPort // { };
# "music.${domain}" = proxyArr lidarrPort // { };
# "library.${domain}" = proxy kavitaPort // { };
"start.${domain}" = proxy flamePort // { };
"subs.${domain}" = proxy bazarrPort // { };
"series.${domain}" = proxy sonarrPort // { };
# "subs.${domain}" = proxy bazarrPort // { };
# "series.${domain}" = proxy sonarrPort // { };
"vault.${domain}" = proxy vaultPort // { };
"copy.${domain}" = proxy microbinPort // { };
"mealie.${domain}" = proxy mealiePort // { };
@@ -96,128 +96,128 @@ in {
'';
};
};
"flix.${domain}" = {
forceSSL = true;
enableACME = true;
http2 = true;
extraConfig = ''
# use a variable to store the upstream proxy
# in this example we are using a hostname which is resolved via DNS
# (if you aren't using DNS remove the resolver line and change the variable to point to an IP address
resolver ${localhost} valid=30;
# "flix.${domain}" = {
# forceSSL = true;
# enableACME = true;
# http2 = true;
# extraConfig = ''
# # use a variable to store the upstream proxy
# # in this example we are using a hostname which is resolved via DNS
# # (if you aren't using DNS remove the resolver line and change the variable to point to an IP address
# resolver ${localhost} valid=30;
location = / {
return 302 http://$host/web/;
#return 302 https://$host/web/;
}
# location = / {
# return 302 http://$host/web/;
# #return 302 https://$host/web/;
# }
location = /web/ {
# Proxy main Jellyfin traffic
proxy_pass http://${localhost}:${
toString (jellyfinPort)
}/web/index.html;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
'';
locations = {
"/" = {
proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
proxyWebsockets = true;
};
"/socket" = {
proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
};
"~ /Items/(.*)/Images" = {
proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
extraConfig = ''
proxy_cache jellyfin;
proxy_cache_revalidate on;
proxy_cache_lock on;
'';
};
"~* ^/Videos/(.*)/(?!live)" = {
proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
extraConfig = ''
# Set size of a slice (this amount will be always requested from the backend by nginx)
# Higher value means more latency, lower more overhead
# This size is independent of the size clients/browsers can request
# slice 2m;
# location = /web/ {
# # Proxy main Jellyfin traffic
# proxy_pass http://${localhost}:${
# toString (jellyfinPort)
# }/web/index.html;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Protocol $scheme;
# proxy_set_header X-Forwarded-Host $http_host;
# }
# '';
# locations = {
# "/" = {
# proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
# proxyWebsockets = true;
# };
# "/socket" = {
# proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
# extraConfig = ''
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# '';
# };
# "~ /Items/(.*)/Images" = {
# proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
# extraConfig = ''
# proxy_cache jellyfin;
# proxy_cache_revalidate on;
# proxy_cache_lock on;
# '';
# };
# "~* ^/Videos/(.*)/(?!live)" = {
# proxyPass = "http://${localhost}:${toString (jellyfinPort)}";
# extraConfig = ''
# # Set size of a slice (this amount will be always requested from the backend by nginx)
# # Higher value means more latency, lower more overhead
# # This size is independent of the size clients/browsers can request
# # slice 2m;
proxy_cache jellyfin-videos;
proxy_cache_valid 200 206 301 302 30d;
proxy_ignore_headers Expires Cache-Control Set-Cookie X-Accel-Expires;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
proxy_connect_timeout 15s;
proxy_http_version 1.1;
proxy_set_header Connection "";
# Transmit slice range to the backend
proxy_set_header Range 2m;
# proxy_cache jellyfin-videos;
# proxy_cache_valid 200 206 301 302 30d;
# proxy_ignore_headers Expires Cache-Control Set-Cookie X-Accel-Expires;
# proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
# proxy_connect_timeout 15s;
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# # Transmit slice range to the backend
# proxy_set_header Range 2m;
# This saves bandwidth between the proxy and jellyfin, as a file is only downloaded one time instead of multiple times when multiple clients want to at the same time
# The first client will trigger the download, the other clients will have to wait until the slice is cached
# Esp. practical during SyncPlay
proxy_cache_lock on;
proxy_cache_lock_age 60s;
# # This saves bandwidth between the proxy and jellyfin, as a file is only downloaded one time instead of multiple times when multiple clients want to at the same time
# # The first client will trigger the download, the other clients will have to wait until the slice is cached
# # Esp. practical during SyncPlay
# proxy_cache_lock on;
# proxy_cache_lock_age 60s;
proxy_cache_key "jellyvideo$uri?MediaSourceId=$arg_MediaSourceId&VideoCodec=$arg_VideoCodec&AudioCodec=$arg_AudioCodec&AudioStreamIndex=$arg_AudioStreamIndex&VideoBitrate=$arg_VideoBitrate&AudioBitrate=$arg_AudioBitrate&SubtitleMethod=$arg_SubtitleMethod&TranscodingMaxAudioChannels=$arg_TranscodingMaxAudioChannels&RequireAvc=$arg_RequireAvc&SegmentContainer=$arg_SegmentContainer&MinSegments=$arg_MinSegments&BreakOnNonKeyFrames=$arg_BreakOnNonKeyFrames&h264-profile=$h264Profile&h264-level=$h264Level&slicerange=2m";
# proxy_cache_key "jellyvideo$uri?MediaSourceId=$arg_MediaSourceId&VideoCodec=$arg_VideoCodec&AudioCodec=$arg_AudioCodec&AudioStreamIndex=$arg_AudioStreamIndex&VideoBitrate=$arg_VideoBitrate&AudioBitrate=$arg_AudioBitrate&SubtitleMethod=$arg_SubtitleMethod&TranscodingMaxAudioChannels=$arg_TranscodingMaxAudioChannels&RequireAvc=$arg_RequireAvc&SegmentContainer=$arg_SegmentContainer&MinSegments=$arg_MinSegments&BreakOnNonKeyFrames=$arg_BreakOnNonKeyFrames&h264-profile=$h264Profile&h264-level=$h264Level&slicerange=2m";
# add_header X-Cache-Status $upstream_cache_status; # This is only for debugging cache
'';
};
};
};
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
# uh, equals what?
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
};
# # add_header X-Cache-Status $upstream_cache_status; # This is only for debugging cache
# '';
# };
# };
# };
# ${config.services.nextcloud.hostName} = {
# forceSSL = true;
# enableACME = true;
# http2 = true;
# serverAliases = [ "cloud.rotehaare.art" ];
# locations = {
# "/".proxyWebsockets = true;
# # uh, equals what?
# "~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
# { };
# };
# };
"collabora.${domain}" = let
collaboraString = "http://${localhost}:${toString (collaboraPort)}";
collaboraProxy = {
proxyPass = collaboraString;
extraConfig = ''
proxy_set_header Host $host;
'';
};
collaboraSocket = {
proxyPass = collaboraString;
extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_read_timeout 36000s;
'';
};
in base {
# static files
"^~ /loleaflet" = collaboraProxy;
# WOPI discovery URL
"^~ /hosting/discovery" = collaboraProxy;
# Capabilities
"^~ /hosting/capabilities" = collaboraProxy;
# download, presentation, image upload and websocket
"~ ^/lool" = collaboraSocket;
# Admin Console websocket
"^~ /lool/adminws" = collaboraSocket;
};
# "collabora.${domain}" = let
# collaboraString = "http://${localhost}:${toString (collaboraPort)}";
# collaboraProxy = {
# proxyPass = collaboraString;
# extraConfig = ''
# proxy_set_header Host $host;
# '';
# };
# collaboraSocket = {
# proxyPass = collaboraString;
# extraConfig = ''
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade";
# proxy_set_header Host $host;
# proxy_read_timeout 36000s;
# '';
# };
# in base {
# # static files
# "^~ /loleaflet" = collaboraProxy;
# # WOPI discovery URL
# "^~ /hosting/discovery" = collaboraProxy;
# # Capabilities
# "^~ /hosting/capabilities" = collaboraProxy;
# # download, presentation, image upload and websocket
# "~ ^/lool" = collaboraSocket;
# # Admin Console websocket
# "^~ /lool/adminws" = collaboraSocket;
# };
};
};
networking = {