From f181bcb2e28f6372a9e6211d3759429aa49350f7 Mon Sep 17 00:00:00 2001
From: Danilo Reyes
Date: Sun, 7 Sep 2025 22:38:03 -0600
Subject: [PATCH] vps adjustments

---
 hosts/server/configuration.nix | 2 ++
 hosts/server/toggles.nix | 15 +++++++++---
 .../servers/homepage/bookmarks/servers.nix | 2 +-
 modules/servers/homepage/widgets.nix | 6 ++---
 modules/servers/multi-scrobbler.nix | 2 +-
 modules/servers/nextcloud.nix | 23 +++++++++++++++----
 modules/servers/vaultwarden.nix | 3 ++-
 7 files changed, 39 insertions(+), 14 deletions(-)

diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix
index 9fdfbdc..1e7889c 100644
--- a/hosts/server/configuration.nix
+++ b/hosts/server/configuration.nix
@@ -13,6 +13,7 @@
 2049 # idk
 9999 # stash
 8384 # syncthing
+ 5201 # vps speed test
 config.my.servers.audiobookshelf.port
 config.my.servers.bazarr.port
 config.my.servers.collabora.port
@@ -38,6 +39,7 @@
 firewall = {
 allowedTCPPorts = ports;
 allowedUDPPorts = ports;
+ interfaces.wg0.allowedTCPPorts = [ 8081 ];
 };
 wireguard.interfaces.wg0 = {
 ips = [ "10.77.0.2/32" ];
diff --git a/hosts/server/toggles.nix b/hosts/server/toggles.nix
index 648325c..b3c853f 100644
--- a/hosts/server/toggles.nix
+++ b/hosts/server/toggles.nix
@@ -3,6 +3,13 @@ let
 inherit name;
 value.enable = true;
 };
+ mkEnabledIp = name: {
+ inherit name;
+ value = {
+ enable = true;
+ ip = "10.77.0.2";
+ };
+ };
 mkEnabledProxy = name: {
 inherit name;
 value = {
@@ -46,7 +53,7 @@ in
 "ffmpeg4discord"
 "manage-library"
 "library-report"
- "update-dns"
+ # "update-dns" #vps
 "stream-dl"
 "pika-list"
 "find-dup-episodes"
@@ -68,7 +75,6 @@ in
 # "stash"
 # ]
 # // enableList mkEnabledProxy [
- "audiobookshelf"
 "bazarr"
 "collabora"
 "homepage"
@@ -84,7 +90,10 @@ in
 "ryot"
 "sonarr"
 "synapse"
- "vaultwarden"
 "jellyfin"
+ ]
+ // enableList mkEnabledIp [
+ "audiobookshelf"
+ "vaultwarden"
 ];
 }
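Review bot: In hosts/server/configuration.nix the new `5201 # vps speed test` entry goes into the shared `ports` list, which the second hunk shows is assigned to both `allowedTCPPorts` and `allowedUDPPorts` on every interface. If the speed test only runs across the tunnel, scope it the way 8081 is scoped in the same commit: `interfaces.wg0.allowedTCPPorts = [ 8081 5201 ];`, plus `interfaces.wg0.allowedUDPPorts = [ 5201 ];` if UDP tests are needed. A speed-test listener is usually temporary, so the comment should also say when the rule can be removed. The `ports` list starts and ends outside the hunk.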
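Review bot: `mkEnabledIp` in hosts/server/toggles.nix hard-codes `ip = "10.77.0.2"`, the same address configuration.nix gives wg0 (`ips = [ "10.77.0.2/32" ]`) and that nextcloud.nix repeats in its `listen` block. If the tunnel address changes and one copy is missed, audiobookshelf or vaultwarden will either fail to bind or bind somewhere unintended. Define the address once under `config.my`, next to the existing `config.my.routerip` style of option, and reference it here instead of the literal. The last hunk moves both services out of `mkEnabledProxy`, which presumably turns off their local nginx proxy, so a comment on `mkEnabledIp` stating that TLS is now expected to terminate at the tunnel peer would make that trade-off explicit.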
diff --git a/modules/servers/homepage/bookmarks/servers.nix b/modules/servers/homepage/bookmarks/servers.nix
index 2049747..f3be9fd 100644
--- a/modules/servers/homepage/bookmarks/servers.nix
+++ b/modules/servers/homepage/bookmarks/servers.nix
@@ -28,7 +28,7 @@
 ];
 }
 {
- multi-scrobbpler = [
+ multi-scrobbler = [
 {
 abbr = "MS";
 href = "https://scrobble.servidos.lat/";
diff --git a/modules/servers/homepage/widgets.nix b/modules/servers/homepage/widgets.nix
index cf1f1b7..9694188 100644
--- a/modules/servers/homepage/widgets.nix
+++ b/modules/servers/homepage/widgets.nix
@@ -21,9 +21,9 @@
 }
 {
 openweathermap = {
- label = "Celaya";
- latitude = 20.5167;
- longitude = -100.8167;
+ label = "Apodaca";
+ latitude = 25.760339;
+ longitude = -100.2190662;
 units = "metric";
 provider = "openweathermap";
 cache = 5;
diff --git a/modules/servers/multi-scrobbler.nix b/modules/servers/multi-scrobbler.nix
index d8f16cb..54aa778 100644
--- a/modules/servers/multi-scrobbler.nix
+++ b/modules/servers/multi-scrobbler.nix
@@ -9,7 +9,7 @@ in
 networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal) [ cfg.port ];
 sops.secrets = lib.mkIf cfg.enable { multi-scrobbler.sopsFile = ../../secrets/env.yaml; };
 virtualisation.oci-containers.containers.multi-scrobbler = lib.mkIf cfg.enable {
- image = "foxxmd/multi-scrobbler:0.9.1";
+ image = "foxxmd/multi-scrobbler:0.9.11";
 ports = [ "${toString cfg.port}:${toString cfg.port}" ];
 environmentFiles = [ config.sops.secrets.multi-scrobbler.path ];
 environment = {
diff --git a/modules/servers/nextcloud.nix b/modules/servers/nextcloud.nix
index 052a375..8553d91 100644
--- a/modules/servers/nextcloud.nix
+++ b/modules/servers/nextcloud.nix
@@ -79,7 +79,7 @@ in
 services = {
 nextcloud = {
 enable = true;
- https = true;
+ https = false; # vps
 package = pkgs.nextcloud31;
 appstoreEnable = true;
 configureRedis = true;
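Review bot: The new `latitude = 25.760339;` and `longitude = -100.2190662;` in modules/servers/homepage/widgets.nix carry six to seven decimal places, which pins a point to well under a metre; the values they replace had four. A weather lookup needs only city-level precision, so rounding to two decimals (`latitude = 25.76;`, `longitude = -100.22;`) should give the same forecast while keeping an exact location out of the repository history.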
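Review bot: `https = false; # vps` in modules/servers/nextcloud.nix changes more than the listener: as far as I know, the NixOS `services.nextcloud.https` option controls whether Nextcloud generates https links and sends HSTS, not whether nginx terminates TLS. If the VPS in front of wg0 serves the site over HTTPS (not visible in this patch), keep `https = true;` so generated URLs stay https and the HSTS header is preserved, and drop TLS only in the nginx vhost. The `# vps` marker would be more useful as a sentence saying where TLS now terminates.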
@@ -127,6 +127,7 @@ in
 config.my.localhost
 config.my.localhost6
 config.my.routerip
+ "10.77.0.1" # vps
 ];
 trusted_domains = [
 config.my.ips.${config.networking.hostName}
@@ -172,10 +173,22 @@ in
 };
 nginx.virtualHosts = {
 "${cfg.host}" = lib.mkIf cfg.enableProxy {
- forceSSL = true;
- enableACME = true;
- http2 = true;
- default = true;
+ forceSSL = false; # vps
+ enableACME = false; # vps
+ http2 = false; # vps
+ # default = true; #vps
+ #vps
+ listen = [
+ {
+ addr = "10.77.0.2";
+ port = 8081;
+ }
+ {
+ addr = "127.0.0.1";
+ port = 8081;
+ }
+ ];
+ #vps
 serverAliases = [ "cloud.rotehaare.art" ];
 locations = {
 "/".proxyWebsockets = true;
diff --git a/modules/servers/vaultwarden.nix b/modules/servers/vaultwarden.nix
index bd2b51c..8b79204 100644
--- a/modules/servers/vaultwarden.nix
+++ b/modules/servers/vaultwarden.nix
@@ -20,7 +20,8 @@ in
 package = pkgs.vaultwarden;
 environmentFile = config.sops.secrets.vaultwarden.path;
 config = {
- ROCKET_ADDRESS = "${config.my.localhost}";
+ # ROCKET_ADDRESS = "${config.my.localhost}"; # VPS
+ ROCKET_ADDRESS = cfg.ip;
 ROCKET_PORT = cfg.port;
 WEBSOCKET_PORT = 8333;
 DATABASE_URL = "postgresql:///${cfg.name}?host=${config.my.postgresSocket}";
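Review bot: The vhost in modules/servers/nextcloud.nix (hunk at -172) now serves plain HTTP on `10.77.0.2:8081` and `127.0.0.1:8081`, so confidentiality rests entirely on the tunnel and on the `interfaces.wg0.allowedTCPPorts = [ 8081 ]` rule in configuration.nix. The address and port are repeated here as literals instead of being shared with that rule. Binding to the wg0 address also means nginx can fail to start if it comes up before the interface has its address, so consider ordering it after the WireGuard unit, e.g. `systemd.services.nginx.after = [ "wireguard-wg0.service" ];` (unit name assumed from the interface name). The commented-out `# default = true; #vps` and the bare `#vps` lines would read better as one comment stating that TLS is terminated upstream. The `"${cfg.host}"` attribute set continues past the hunk.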
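Review bot: `ROCKET_ADDRESS = cfg.ip;` in modules/servers/vaultwarden.nix depends on an `ip` option whose declaration and default are not in this hunk. If the option has no default, any host that enables vaultwarden without `mkEnabledIp` will fail evaluation. If it has one, it should be the loopback address so that listening beyond localhost is always an explicit per-host choice, e.g. `ip = lib.mkOption { type = lib.types.str; default = config.my.localhost; };`. The commented-out `# ROCKET_ADDRESS = "${config.my.localhost}"; # VPS` line can then go, since git history already keeps the old value. The `config` attribute set continues outside the hunk.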