server-conf-1-HP/server/nginx.nix
2024-10-25 22:57:47 -04:00

98 lines
2.1 KiB
Nix

{ pkgs, ... }: {
services.nginx = {
enable = true;
package = pkgs.nginx.override {
modules = with pkgs.nginxModules; [ rtmp ];
};
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"www.lunamoonlight.xyz" = {
enableACME = true;
addSSL = true;
root = "/var/www/luna";
};
"www.bloxelcom.net" = {
enableACME = true;
addSSL = true;
root = "/var/www/bloxnet";
};
"nextcloud.bloxelcom.net" = {
enableACME = true;
addSSL = true;
root = "/var/www/bloxnet";
};
"radio.bloxelcom.net" = {
enableACME = true;
addSSL = true;
root = "/var/www/bloxnet";
};
# Nextcloud Proxy
"nextcloud.lunamoonlight.xyz" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyWebsockets = true;
extraConfig = ''
location /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
'';
};
};
};
appendConfig = ''
rtmp {
server {
listen 1935;
chunk_size 4096;
allow publish all;
application stream {
record off;
live on;
allow play all;
}
}
}
'';
};
# Nextcloud server
services.nextcloud = {
enable = true;
package = pkgs.nextcloud29;
hostName = "nextcloud.lunamoonlight.xyz";
datadir = "/mnt/nextcloud";
https = true;
config = {
adminuser = "luna";
adminpassFile = "/mnt/nextcloud/password.txt";
};
settings = {
trusted_proxies = [ "127.0.0.1" ];
trusted_domains = [
"nextcloud.lunamoonlight.xyz"
"www.lunamoonlight.xyz" # Add this line
];
overwriteprotocol = "https";
};
};
# Open HTTP and HTTPS ports
networking.firewall = {
allowedTCPPorts = [ 80 443 ];
};
}