From ffbbeee9f72cb2316993e1a31a9f0b928e616a25 Mon Sep 17 00:00:00 2001 From: Dmitriy Kholkin Date: Sat, 28 Dec 2024 11:44:59 +0300 Subject: [PATCH] enable multiple server profiles on hypervisor --- machines/Home-Hypervisor/default.nix | 11 +++---- machines/Home-Hypervisor/nginx.nix | 47 +++++++++++++++++++++++++--- profiles/servers/nginx.nix | 1 + 3 files changed, 49 insertions(+), 10 deletions(-) diff --git a/machines/Home-Hypervisor/default.nix b/machines/Home-Hypervisor/default.nix index 2b2965c..ebc896a 100644 --- a/machines/Home-Hypervisor/default.nix +++ b/machines/Home-Hypervisor/default.nix @@ -1,6 +1,5 @@ { inputs, lib, pkgs, config, ... }: -let persistRoot = config.autoinstall.persist.persistRoot or "/persist"; -in { +{ imports = with inputs.self; [ inputs.disko.nixosModules.disko inputs.srvos.nixosModules.server @@ -29,8 +28,8 @@ in { customProfiles.gitea # customProfiles.homepage # customProfiles.hoyolab - # customProfiles.inpx-web - # customProfiles.it-tools + customProfiles.inpx-web + customProfiles.it-tools customProfiles.media-stack # customProfiles.metrics # customProfiles.minio @@ -46,8 +45,8 @@ in { customProfiles.tinyproxy # customProfiles.vault customProfiles.vaultwarden - # customProfiles.webhooks - # customProfiles.wiki + customProfiles.webhooks + customProfiles.wiki # customProfiles.yandex-db # (import customProfiles.blocky { diff --git a/machines/Home-Hypervisor/nginx.nix b/machines/Home-Hypervisor/nginx.nix index e548922..9e81c19 100644 --- a/machines/Home-Hypervisor/nginx.nix +++ b/machines/Home-Hypervisor/nginx.nix @@ -1,7 +1,8 @@ -{ ... }: +{ pkgs, ... }: { services.nginx = { enable = true; + package = pkgs.nginxQuic; group = "acme"; recommendedBrotliSettings = true; recommendedGzipSettings = true; @@ -29,7 +30,6 @@ in { "media-stack" = { serverAliases = [ - "jellyfin.ataraxiadev.com" "qbit.ataraxiadev.com" "prowlarr.ataraxiadev.com" "jackett.ataraxiadev.com" @@ -61,11 +61,33 @@ '' + proxySettings; }; } // default; - "ataraxiadev.com" = { + "jellyfin.ataraxiadev.com" = { + locations."/" = { + proxyPass = "http://127.0.0.1:8180"; + extraConfig = '' + proxy_buffering off; + '' + proxySettings; + }; + locations."/socket" = { + proxyPass = "http://127.0.0.1:8180"; + proxyWebsockets = true; + extraConfig = proxySettings; + }; extraConfig = '' - return 301 https://code.ataraxiadev.com$request_uri; + client_max_body_size 50M; ''; } // default; + "ataraxiadev.com" = { + locations."/" = { + root = "/srv/http/ataraxiadev.com/docroot"; + extraConfig = '' + try_files $uri $uri/ =404; + ''; + }; + locations."/hooks" = { + proxyPass = "http://127.0.0.1:9510/hooks"; + }; + } // default; "cal.ataraxiadev.com" = { locations."/" = { proxyPass = "http://127.0.0.1:5232"; @@ -78,6 +100,17 @@ extraConfig = proxySettings; }; } // default; + "lib.ataraxiadev.com" = { + locations."/" = { + proxyPass = "http://127.0.0.1:8072"; + proxyWebsockets = true; + }; + } // default; + "tools.ataraxiadev.com" = { + locations."/" = { + proxyPass = "http://127.0.0.1:8070"; + }; + } // default; "vw.ataraxiadev.com" = { locations."/" = { proxyPass = "http://127.0.0.1:8812"; @@ -93,8 +126,14 @@ extraConfig = proxySettings; }; } // default; + "wiki.ataraxiadev.com" = { + locations."/" = { + proxyPass = "http://127.0.0.1:8190"; + }; + } // default; }; }; networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedUDPPorts = [ 80 443 ]; } diff --git a/profiles/servers/nginx.nix b/profiles/servers/nginx.nix index 8bd08ab..68884b1 100644 --- a/profiles/servers/nginx.nix +++ b/profiles/servers/nginx.nix @@ -56,6 +56,7 @@ let in { services.nginx = { enable = true; + package = pkgs.nginxQuic; group = "acme"; recommendedBrotliSettings = true; recommendedGzipSettings = true;