nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull Requests Releases Wiki Activity
edb891e224
nixos-config/systems/LoutreOS/web.nix

114 lines
3.8 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
domaine = "nyanlout.re";
jellyfin_backend = ''
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
'';
sonarr_acl = ''
acl API path_beg /api
'';
sonarr_auth = ''
!AUTH_OK !API
'';
in
{
services = {
haproxy-acme = {
enable = true;
domaine = domaine;
services = {
"grafana.${domaine}" = { ip = "127.0.0.1"; port = config.services.grafana.port; auth = true; };
"emby.${domaine}" = { ip = "127.0.0.1"; port = 8096; auth = false; extraBackend = jellyfin_backend; };
"radarr.${domaine}" = { ip = "127.0.0.1"; port = 7878; auth = true; extraAcls = sonarr_acl; aclBool = sonarr_auth; };
"sonarr.${domaine}" = { ip = "127.0.0.1"; port = 8989; auth = true; extraAcls = sonarr_acl; aclBool = sonarr_auth; };
"transmission.${domaine}" = { ip = "127.0.0.1"; port = config.services.transmission.port; auth = true; };
"syncthing.${domaine}" = { ip = "127.0.0.1"; port = 8384; auth = true; };
"jackett.${domaine}" = { ip = "127.0.0.1"; port = 9117; auth = true; };
"searx.${domaine}" = { ip = "127.0.0.1"; port = 8888; auth = false; };
"riot.${domaine}" = { ip = "127.0.0.1"; port = (findFirst (x: x.addr == "127.0.0.1") "" config.services.nginx.virtualHosts.riot.listen).port; auth = false; };
"matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; };
"pgmanage.${domaine}" = { ip = "127.0.0.1"; port = config.services.pgmanage.port; auth = true; };
"gitea.${domaine}" = { ip = "127.0.0.1"; port = config.services.gitea.httpPort; auth = false; };
"ci.${domaine}" = { ip = "127.0.0.1"; port = 52350; auth = false; };
"factorio.${domaine}" = { ip = "127.0.0.1"; port = (findFirst (x: x.addr == "127.0.0.1") "" config.services.nginx.virtualHosts.factorio.listen).port; auth = false; };
"airsonic.${domaine}" = { ip = "127.0.0.1"; port = 4040; auth = false; };
"${domaine}" = { ip = "127.0.0.1"; port = (findFirst (x: x.addr == "127.0.0.1") "" config.services.nginx.virtualHosts.wkd.listen).port; auth = false; };
};
};
searx.enable = true;
nginx = {
enable = true;
virtualHosts = {
"riot" = {
listen = [ { addr = "127.0.0.1"; port = 52345; } ];
locations = { "/" = { root = pkgs.riot-web; }; };
};
"factorio" = {
listen = [ { addr = "127.0.0.1"; port = 52351; } ];
locations = { "/" = { root = "/var/www/factorio"; }; };
};
"wkd" = {
listen = [ { addr = "127.0.0.1"; port = 52352; } ];
locations = { "/.well-known/openpgpkey/" = {
alias = "/var/lib/gnupg/wks/nyanlout.re";
extraConfig = ''
add_header Access-Control-Allow-Origin * always;
'';
}; };
};
};
};
postgresql.enable = true;
pgmanage = {
enable = true;
port = 52347;
connections = {
localhost = "hostaddr=127.0.0.1 port=5432 dbname=postgres";
};
};
gitea = {
enable = true;
cookieSecure = true;
httpPort = 3001;
rootUrl = "https://gitea.nyanlout.re/";
database = {
type = "postgres";
port = 5432;
passwordFile = "/var/lib/gitea/custom/conf/database_password";
};
log.level = "Warn";
extraConfig = ''
[ui]
DEFAULT_THEME = arc-green
[service]
DISABLE_REGISTRATION = true
'';
};
python-ci.enable = true;
site-musique = {
enable = true;
port = 52349;
domaine = "musique-meyenheim.fr";
};
site-max = {
enable = true;
port = 52348;
domaine = "maxspiegel.fr";
};
};
}
Reference in New Issue View Git Blame Copy Permalink