Update server/nginx.nix
This commit is contained in:
parent
fc6ebcd94f
commit
cee5bbd28d
|
@ -1,26 +1,75 @@
|
|||
{ pkgs, ... }: {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
package = (pkgs.nginx.override {
|
||||
package = pkgs.nginx.override {
|
||||
modules = with pkgs.nginxModules; [ rtmp ];
|
||||
});
|
||||
};
|
||||
recommendedTlsSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
recommendedProxySettings = true;
|
||||
|
||||
virtualHosts = {
|
||||
"lunamoonlight.xyz" = {
|
||||
"www.lunamoonlight.xyz" = {
|
||||
enableACME = true;
|
||||
addSSL = true;
|
||||
root = "/var/www/lunalanding";
|
||||
};
|
||||
|
||||
# Nextcloud Proxy
|
||||
"nextcloud.lunamoonlight.xyz" = {
|
||||
enableACME = true;
|
||||
addSSL = true;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
location /.well-known/carddav {
|
||||
return 301 $scheme://$host/remote.php/dav;
|
||||
}
|
||||
location /.well-known/caldav {
|
||||
return 301 $scheme://$host/remote.php/dav;
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Open HTTP and HTTPs ports
|
||||
appendConfig = ''
|
||||
rtmp {
|
||||
server {
|
||||
listen 1935;
|
||||
chunk_size 4096;
|
||||
allow publish all;
|
||||
application stream {
|
||||
record off;
|
||||
live on;
|
||||
allow play all;
|
||||
}
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
# Nextcloud server
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud29;
|
||||
hostName = "nextcloud.lunamoonlight.xyz";
|
||||
datadir = "/mnt/nextcloud";
|
||||
https = true;
|
||||
config = {
|
||||
adminuser = "luna";
|
||||
adminpassFile = "/mnt/nextcloud/password.txt";
|
||||
};
|
||||
settings = {
|
||||
trusted_proxies = [ "127.0.0.1" ];
|
||||
trusted_domains = [ "nextcloud.lunamoonlight.xyz" ];
|
||||
overwriteprotocol = "https";
|
||||
};
|
||||
};
|
||||
|
||||
# Open HTTP and HTTPS ports
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
80 443
|
||||
];
|
||||
allowedTCPPorts = [ 80 443 ];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue