2024-08-24 22:16:51 -04:00
|
|
|
{pkgs, ...}: {
|
|
|
|
services.nginx = let
|
2024-08-24 23:09:23 -04:00
|
|
|
secrets = import ../modules/secrets.nix;
|
2024-08-24 22:16:51 -04:00
|
|
|
in {
|
|
|
|
enable = true;
|
|
|
|
package = (pkgs.nginx.override {
|
|
|
|
modules = with pkgs.nginxModules; [ rtmp ];
|
|
|
|
});
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
recommendedGzipSettings = true;
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
virtualHosts = {
|
2024-08-26 14:29:23 -04:00
|
|
|
# Landing page
|
2024-08-24 22:16:51 -04:00
|
|
|
"${secrets.jimDomain}" = {
|
|
|
|
enableACME = true;
|
|
|
|
addSSL = true;
|
2024-08-26 14:48:25 -04:00
|
|
|
root = ./websites/Jimbo-Landing-Page;
|
2024-08-24 22:16:51 -04:00
|
|
|
locations = {
|
2024-08-26 13:07:59 -04:00
|
|
|
"/.well-known/matrix/client" = {
|
|
|
|
extraConfig = ''
|
|
|
|
default_type application/json;
|
|
|
|
return 200 '
|
|
|
|
{
|
|
|
|
"m.homeserver": {
|
|
|
|
"base_url": "https://matrix.${secrets.jimDomain}"
|
|
|
|
},
|
|
|
|
"m.identity_server": {
|
|
|
|
"base_url": "https://matrix.org"
|
|
|
|
},
|
|
|
|
"org.matrix.msc3575.proxy": {
|
|
|
|
"url": "https://matrix.${secrets.jimDomain}"
|
|
|
|
}
|
|
|
|
}';
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
"/.well-known/matrix/server" = {
|
|
|
|
extraConfig = ''
|
2024-08-24 22:16:51 -04:00
|
|
|
default_type application/json;
|
2024-08-26 13:07:59 -04:00
|
|
|
return 200 '{"m.server": "matrix.${secrets.jimDomain}:443"}';
|
|
|
|
'';
|
|
|
|
};
|
2024-08-24 22:16:51 -04:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-08-26 14:29:23 -04:00
|
|
|
# Bluemap Proxy, TODO, move this into the nix-minecraft flake configs
|
2024-08-24 22:16:51 -04:00
|
|
|
"bluemap.${secrets.jimDomain}" = {
|
|
|
|
enableACME = true;
|
|
|
|
forceSSL = true;
|
|
|
|
locations."/" = {
|
|
|
|
proxyPass = "http://127.0.0.1:31010";
|
|
|
|
proxyWebsockets = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
appendConfig = ''
|
|
|
|
rtmp {
|
|
|
|
server {
|
|
|
|
listen 1935;
|
|
|
|
chunk_size 4096;
|
|
|
|
allow publish all;
|
|
|
|
application stream {
|
|
|
|
record off;
|
|
|
|
live on;
|
|
|
|
allow play all;
|
|
|
|
hls on;
|
|
|
|
hls_path /var/www/jimweb/streams/hls;
|
|
|
|
hls_fragment_naming system;
|
|
|
|
hls_fragment 3;
|
|
|
|
hls_playlist_length 40;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2024-08-26 13:07:59 -04:00
|
|
|
# Allow Nginx to read and write to paths
|
2024-08-24 22:16:51 -04:00
|
|
|
systemd.services.nginx.serviceConfig = {
|
|
|
|
ReadWritePaths = [ "/var/www/jimweb/streams/hls/" ];
|
|
|
|
};
|
|
|
|
}
|