Touchups
This commit is contained in:
parent
cac7046d3c
commit
dcc845a67c
|
@ -1,5 +1,5 @@
|
|||
{pkgs, outputs, ...}: {
|
||||
# DDClient for Dynamic IPs
|
||||
# Dynamic IPs for Cloudflare records
|
||||
services.ddclient = {
|
||||
enable = true;
|
||||
protocol = "cloudflare";
|
||||
|
|
|
@ -8,9 +8,6 @@
|
|||
in {
|
||||
firewall = {
|
||||
allowPing = false;
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 8100; to = 8150; } # Azuracast
|
||||
];
|
||||
|
||||
# Add extra input rules using nftables
|
||||
extraInputRules = ''
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
environment.systemPackages = with pkgs; [
|
||||
mdadm
|
||||
];
|
||||
|
||||
services = {
|
||||
snowflake-proxy.enable = true;
|
||||
logrotate.checkConfig = false;
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
https = true;
|
||||
config = {
|
||||
adminuser = "jimbo";
|
||||
adminpassFile = "/mnt/nextcloud/password.txt";
|
||||
adminpassFile = pkgs.writeText "nextpass" outputs.secrets.nextcloudPass;
|
||||
};
|
||||
settings = {
|
||||
trusted_proxies = [ "127.0.0.1" ];
|
||||
|
|
|
@ -17,19 +17,19 @@
|
|||
locations = {
|
||||
"/.well-known/matrix/client" = {
|
||||
extraConfig = ''
|
||||
default_type application/json;
|
||||
return 200 '
|
||||
{
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||
},
|
||||
"m.identity_server": {
|
||||
"base_url": "https://matrix.org"
|
||||
},
|
||||
"org.matrix.msc3575.proxy": {
|
||||
"url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||
}
|
||||
}';
|
||||
default_type application/json;
|
||||
return 200 '
|
||||
{
|
||||
"m.homeserver": {
|
||||
"base_url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||
},
|
||||
"m.identity_server": {
|
||||
"base_url": "https://matrix.org"
|
||||
},
|
||||
"org.matrix.msc3575.proxy": {
|
||||
"url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||
}
|
||||
}';
|
||||
'';
|
||||
};
|
||||
"/.well-known/matrix/server" = {
|
||||
|
@ -68,9 +68,7 @@
|
|||
};
|
||||
|
||||
# Open HTTP and HTTPs ports
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
80 443
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80 443
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{outputs, ...}: {
|
||||
# Photoprism
|
||||
services = {
|
||||
photoprism = {
|
||||
enable = true;
|
||||
|
|
|
@ -10,7 +10,6 @@
|
|||
|
||||
# Set the network config
|
||||
listeners = [{
|
||||
# Client config
|
||||
port = 8008;
|
||||
bind_addresses = [ "::" "0.0.0.0" ];
|
||||
resources = [ { compress = false; names = [ "client" "federation" ]; } ];
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{outputs, ...}: let
|
||||
ips = import ../modules/ips.nix;
|
||||
in {
|
||||
# enable NAT
|
||||
# Enable NAT
|
||||
networking = {
|
||||
nat = {
|
||||
enable = true;
|
||||
|
|
BIN
secrets.nix
BIN
secrets.nix
Binary file not shown.
Loading…
Reference in a new issue