NixOS-Config/nixos/server/nginx.nix

82 lines
2.3 KiB
Nix
Raw Normal View History

2024-08-24 22:16:51 -04:00
{pkgs, ...}: {
services.nginx = let
secrets = import ../modules/secrets.nix;
2024-08-24 22:16:51 -04:00
in {
enable = true;
package = (pkgs.nginx.override {
modules = with pkgs.nginxModules; [ rtmp ];
});
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
2024-08-26 14:29:23 -04:00
# Landing page
2024-08-24 22:16:51 -04:00
"${secrets.jimDomain}" = {
enableACME = true;
addSSL = true;
2024-08-26 15:06:59 -04:00
root = "/etc/nixos/nixos/server/webpages/Jimbo-Landing-Page";
2024-08-24 22:16:51 -04:00
locations = {
"/.well-known/matrix/client" = {
extraConfig = ''
default_type application/json;
return 200 '
{
"m.homeserver": {
"base_url": "https://matrix.${secrets.jimDomain}"
},
"m.identity_server": {
"base_url": "https://matrix.org"
},
"org.matrix.msc3575.proxy": {
"url": "https://matrix.${secrets.jimDomain}"
}
}';
'';
};
"/.well-known/matrix/server" = {
extraConfig = ''
2024-08-24 22:16:51 -04:00
default_type application/json;
return 200 '{"m.server": "matrix.${secrets.jimDomain}:443"}';
'';
};
2024-08-24 22:16:51 -04:00
};
};
2024-08-26 14:29:23 -04:00
# Bluemap Proxy, TODO, move this into the nix-minecraft flake configs
2024-08-24 22:16:51 -04:00
"bluemap.${secrets.jimDomain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:31010";
proxyWebsockets = true;
};
};
};
appendConfig = ''
rtmp {
server {
listen 1935;
chunk_size 4096;
allow publish all;
application stream {
record off;
live on;
allow play all;
hls on;
hls_path /var/www/jimweb/streams/hls;
hls_fragment_naming system;
hls_fragment 3;
hls_playlist_length 40;
}
}
}
'';
};
# Allow Nginx to read and write to paths
2024-08-24 22:16:51 -04:00
systemd.services.nginx.serviceConfig = {
2024-08-26 15:06:59 -04:00
ReadWritePaths = [ "/etc/nixos/nixos/server/webpages/Jimbo-Landing-Page" ];
2024-08-24 22:16:51 -04:00
};
}