jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

servers now have an unique toggle for nginx

Browse Source
This commit is contained in:
Danilo Reyes
2024-08-24 20:55:42 -06:00
parent ad97dcf385
commit fb1a44d2ca
22 changed files with 142 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
modules/servers/audiobookshelf.nix
View File

@@ -4,27 +4,24 @@ in {
options.my.servers.audiobookshelf =
setup.mkOptions "audiobookshelf" "audiobooks" 5687;
config = lib.mkIf config.my.servers.audiobookshelf.enable {
services ={
services = {
audiobookshelf = {
enable = true;
group = "piracy";
port = cfg.port;
};
nginx = {
enable = true;
virtualHosts."${cfg.host}" = proxy {
"/" = {
proxyPass = cfg.local;
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_redirect http:// https://;
'';
};
nginx.virtualHosts."${cfg.host}" = proxy {
"/" = {
proxyPass = cfg.local;
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_redirect http:// https://;
'';
};
};
};

7
modules/servers/bazarr.nix
View File

@@ -6,11 +6,8 @@
enable = true;
group = "piracy";
};
nginx = {
enable = true;
virtualHosts."subs.${config.my.domain}" =
proxyReverse config.services.bazarr.listenPort // { };
};
nginx.virtualHosts."subs.${config.my.domain}" =
proxyReverse config.services.bazarr.listenPort // { };
};
};
}

1
modules/servers/flame.nix
View File

@@ -39,7 +39,6 @@ in {
};
};
services.nginx = {
enable = true;
virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" =
proxyReverse portSecret // { };

5
modules/servers/homepage.nix
View File

@@ -40,10 +40,7 @@ in {
];
}];
};
nginx = {
enable = true;
virtualHosts."home.${config.my.domain}" = proxyReverse port // { };
};
nginx.virtualHosts."home.${config.my.domain}" = proxyReverse port // { };
};
};
}

1
modules/servers/jellyfin.nix
View File

@@ -10,7 +10,6 @@ in {
group = "piracy";
};
nginx = {
enable = true;
appendHttpConfig = ''
# JELLYFIN
proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=1d max_size=35000m;

7
modules/servers/kavita.nix
View File

@@ -15,11 +15,8 @@
enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path;
};
nginx = {
enable = true;
virtualHosts."library.${config.my.domain}" =
proxyReverse config.services.kavita.port // { };
};
nginx.virtualHosts."library.${config.my.domain}" =
proxyReverse config.services.kavita.port // { };
};
};
}

11
modules/servers/lidarr.nix
View File

@@ -15,9 +15,9 @@ in {
PGID = "100";
};
volumes = [
"/mnt/pool/multimedia:/data"
"/mnt/pool/multimedia/media/Music:/music"
"/mnt/pool/multimedia/media/MusicVideos:/music-videos"
"/mnt/btrfs/multimedia:/data"
"/mnt/btrfs/multimedia/media/Music:/music"
"/mnt/btrfs/multimedia/media/MusicVideos:/music-videos"
"${config.my.containerData}/lidarr/files:/config"
"${config.my.containerData}/lidarr/custom-services.d:/custom-services.d"
"${config.my.containerData}/lidarr/custom-cont-init.d:/custom-cont-init.d"
@@ -31,10 +31,7 @@ in {
};
services = {
lidarr.enable = true;
nginx = {
enable = true;
virtualHosts."${url}" = proxyReverseArr port // { };
};
nginx.virtualHosts."${url}" = proxyReverseArr port // { };
};
};
}

5
modules/servers/maloja.nix
View File

@@ -26,9 +26,6 @@ in {
"flame.icon" = "bookmark-music";
};
};
services.nginx = {
enable = true;
virtualHosts."${url}" = proxyReverse port // { };
};
services.nginx.virtualHosts."${url}" = proxyReverse port // { };
};
}

5
modules/servers/mealie.nix
View File

@@ -34,9 +34,6 @@ in {
"flame.icon" = "fridge";
};
};
services.nginx = {
enable = true;
virtualHosts."${domain}" = proxyReverse port // { };
};
services.nginx.virtualHosts."${domain}" = proxyReverse port // { };
};
}

6
modules/servers/metube.nix
View File

@@ -15,9 +15,7 @@ in {
YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}'';
};
};
services.nginx = {
enable = true;
virtualHosts."bajameesta.${config.my.domain}" = proxyReverse port // { };
};
services.nginx.virtualHosts."bajameesta.${config.my.domain}" =
proxyReverse port // { };
};
}

7
modules/servers/microbin.nix
View File

@@ -17,11 +17,8 @@
MICROBIN_ENCRYPTION_SERVER_SIDE = true;
};
};
nginx = {
enable = true;
virtualHosts."copy.${config.my.domain}" =
proxyReverse config.services.microbin.settings.MICROBIN_PORT // { };
};
nginx.virtualHosts."copy.${config.my.domain}" =
proxyReverse config.services.microbin.settings.MICROBIN_PORT // { };
};
};
}

5
modules/servers/multi-scrobbler.nix
View File

@@ -29,9 +29,6 @@ in {
"flame.icon" = "broadcast";
};
};
services.nginx = {
enable = true;
virtualHosts."${domain}" = proxyReverse port // { };
};
services.nginx.virtualHosts."${domain}" = proxyReverse port // { };
};
}

81
modules/servers/nextcloud.nix
View File

@@ -131,54 +131,51 @@ in {
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
};
nginx = {
enable = true;
virtualHosts = {
${config.services.nextcloud.hostName} = {
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
};
"collabora.${config.my.domain}" =
lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
};
"collabora.${config.my.domain}" =
lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
locations = {
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
};
};
};
};
virtualisation.oci-containers.containers = {

7
modules/servers/prowlarr.nix
View File

@@ -7,11 +7,8 @@
};
services = {
prowlarr.enable = true;
nginx = {
enable = true;
virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
// { };
};
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
// { };
};
virtualisation.oci-containers.containers.flaresolverr = {
autoStart = true;

7
modules/servers/qbittorrent.nix
View File

@@ -74,11 +74,8 @@ in {
};
};
};
services.nginx = {
enable = true;
virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
proxyReverse port // { };
};
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
proxyReverse port // { };
networking.firewall = {
allowedTCPPorts = ports;
allowedUDPPorts = ports;

6
modules/servers/radarr.nix
View File

@@ -6,10 +6,8 @@
enable = true;
group = "piracy";
};
nginx = {
enable = true;
virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { };
};
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878
// { };
};
};
}

6
modules/servers/ryot.nix
View File

@@ -25,9 +25,7 @@ in {
"flame.icon" = "radar";
};
};
services.nginx = {
enable = true;
virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
};
services.nginx.virtualHosts."tracker.${config.my.domain}" =
proxyReverse port // { };
};
}

7
modules/servers/shiori.nix
View File

@@ -13,11 +13,8 @@
environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx = {
enable = true;
virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
};
};
}

6
modules/servers/sonarr.nix
View File

@@ -6,10 +6,8 @@
enable = true;
group = "piracy";
};
nginx = {
enable = true;
virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { };
};
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989
// { };
};
};
}

7
modules/servers/vaultwarden.nix
View File

@@ -22,11 +22,8 @@
LOG_LEVEL = "warn";
};
};
nginx = {
enable = true;
virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
};
}