Touchups
This commit is contained in:
parent
cac7046d3c
commit
dcc845a67c
|
@ -1,5 +1,5 @@
|
||||||
{pkgs, outputs, ...}: {
|
{pkgs, outputs, ...}: {
|
||||||
# DDClient for Dynamic IPs
|
# Dynamic IPs for Cloudflare records
|
||||||
services.ddclient = {
|
services.ddclient = {
|
||||||
enable = true;
|
enable = true;
|
||||||
protocol = "cloudflare";
|
protocol = "cloudflare";
|
||||||
|
|
|
@ -8,9 +8,6 @@
|
||||||
in {
|
in {
|
||||||
firewall = {
|
firewall = {
|
||||||
allowPing = false;
|
allowPing = false;
|
||||||
allowedTCPPortRanges = [
|
|
||||||
{ from = 8100; to = 8150; } # Azuracast
|
|
||||||
];
|
|
||||||
|
|
||||||
# Add extra input rules using nftables
|
# Add extra input rules using nftables
|
||||||
extraInputRules = ''
|
extraInputRules = ''
|
||||||
|
|
|
@ -3,7 +3,6 @@
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
mdadm
|
mdadm
|
||||||
];
|
];
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
snowflake-proxy.enable = true;
|
snowflake-proxy.enable = true;
|
||||||
logrotate.checkConfig = false;
|
logrotate.checkConfig = false;
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
https = true;
|
https = true;
|
||||||
config = {
|
config = {
|
||||||
adminuser = "jimbo";
|
adminuser = "jimbo";
|
||||||
adminpassFile = "/mnt/nextcloud/password.txt";
|
adminpassFile = pkgs.writeText "nextpass" outputs.secrets.nextcloudPass;
|
||||||
};
|
};
|
||||||
settings = {
|
settings = {
|
||||||
trusted_proxies = [ "127.0.0.1" ];
|
trusted_proxies = [ "127.0.0.1" ];
|
||||||
|
|
|
@ -17,19 +17,19 @@
|
||||||
locations = {
|
locations = {
|
||||||
"/.well-known/matrix/client" = {
|
"/.well-known/matrix/client" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
default_type application/json;
|
default_type application/json;
|
||||||
return 200 '
|
return 200 '
|
||||||
{
|
{
|
||||||
"m.homeserver": {
|
"m.homeserver": {
|
||||||
"base_url": "https://matrix.${outputs.secrets.jimDomain}"
|
"base_url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||||
},
|
},
|
||||||
"m.identity_server": {
|
"m.identity_server": {
|
||||||
"base_url": "https://matrix.org"
|
"base_url": "https://matrix.org"
|
||||||
},
|
},
|
||||||
"org.matrix.msc3575.proxy": {
|
"org.matrix.msc3575.proxy": {
|
||||||
"url": "https://matrix.${outputs.secrets.jimDomain}"
|
"url": "https://matrix.${outputs.secrets.jimDomain}"
|
||||||
}
|
}
|
||||||
}';
|
}';
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
"/.well-known/matrix/server" = {
|
"/.well-known/matrix/server" = {
|
||||||
|
@ -68,9 +68,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# Open HTTP and HTTPs ports
|
# Open HTTP and HTTPs ports
|
||||||
networking.firewall = {
|
networking.firewall.allowedTCPPorts = [
|
||||||
allowedTCPPorts = [
|
80 443
|
||||||
80 443
|
];
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{outputs, ...}: {
|
{outputs, ...}: {
|
||||||
# Photoprism
|
|
||||||
services = {
|
services = {
|
||||||
photoprism = {
|
photoprism = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -10,7 +10,6 @@
|
||||||
|
|
||||||
# Set the network config
|
# Set the network config
|
||||||
listeners = [{
|
listeners = [{
|
||||||
# Client config
|
|
||||||
port = 8008;
|
port = 8008;
|
||||||
bind_addresses = [ "::" "0.0.0.0" ];
|
bind_addresses = [ "::" "0.0.0.0" ];
|
||||||
resources = [ { compress = false; names = [ "client" "federation" ]; } ];
|
resources = [ { compress = false; names = [ "client" "federation" ]; } ];
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{outputs, ...}: let
|
{outputs, ...}: let
|
||||||
ips = import ../modules/ips.nix;
|
ips = import ../modules/ips.nix;
|
||||||
in {
|
in {
|
||||||
# enable NAT
|
# Enable NAT
|
||||||
networking = {
|
networking = {
|
||||||
nat = {
|
nat = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
BIN
secrets.nix
BIN
secrets.nix
Binary file not shown.
Loading…
Reference in a new issue