server-conf-1-HP/server/nginx.nix

98 lines
2.2 KiB
Nix
Raw Permalink Normal View History

2024-10-25 21:31:27 -04:00
{ pkgs, ... }: {
services.nginx = {
enable = true;
2024-10-25 21:31:27 -04:00
package = pkgs.nginx.override {
modules = with pkgs.nginxModules; [ rtmp ];
2024-10-25 21:31:27 -04:00
};
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
2024-10-25 21:31:27 -04:00
virtualHosts = {
2024-10-25 21:31:27 -04:00
"www.lunamoonlight.xyz" = {
enableACME = true;
addSSL = true;
2024-10-25 21:38:49 -04:00
root = "/var/www/luna";
2024-10-25 21:31:27 -04:00
};
2024-10-25 22:56:20 -04:00
"www.bloxelcom.net" = {
enableACME = true;
addSSL = true;
root = "/var/www/bloxnet";
};
"nextcloud.bloxelcom.net" = {
enableACME = true;
addSSL = true;
2024-10-25 22:57:47 -04:00
root = "/var/www/bloxnet";
2024-10-25 22:56:20 -04:00
};
"radio.bloxelcom.net" = {
enableACME = true;
addSSL = true;
2024-10-25 22:57:47 -04:00
root = "/var/www/bloxnet";
2024-10-25 22:56:20 -04:00
};
2024-10-25 21:31:27 -04:00
# Nextcloud Proxy
"nextcloud.lunamoonlight.xyz" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyWebsockets = true;
extraConfig = ''
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
'';
};
};
};
appendConfig = ''
rtmp {
server {
listen 1935;
chunk_size 4096;
allow publish all;
application stream {
record off;
live on;
allow play all;
}
}
}
'';
};
# Nextcloud server
services.nextcloud = {
enable = true;
package = pkgs.nextcloud29;
hostName = "nextcloud.lunamoonlight.xyz";
datadir = "/mnt/nextcloud";
https = true;
config = {
adminuser = "luna";
adminpassFile = "/mnt/nextcloud/password.txt";
};
settings = {
trusted_proxies = [ "127.0.0.1" ];
2024-10-25 21:49:05 -04:00
trusted_domains = [
"nextcloud.lunamoonlight.xyz"
"www.lunamoonlight.xyz" # Add this line
];
2024-10-25 21:31:27 -04:00
overwriteprotocol = "https";
};
};
2024-10-25 21:31:27 -04:00
# Open HTTP and HTTPS ports
networking.firewall = {
2024-10-27 16:27:25 -04:00
allowedTCPPorts = [ 80 443 1935 ];
};
}