2 last months
This commit is contained in:
		
							parent
							
								
									93b47ba108
								
							
						
					
					
						commit
						bd629aff60
					
				
					 63 changed files with 963 additions and 1103 deletions
				
			
		
							
								
								
									
										0
									
								
								hosts/greatyamada/services/adguardhome.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										0
									
								
								hosts/greatyamada/services/adguardhome.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -1 +1,12 @@ | |||
| { ... }: { imports = [ ./nginx.nix ./forgejo.nix ]; } | ||||
| { ... }: { | ||||
|   imports = [ | ||||
|     ./nginx.nix | ||||
|     ./forgejo.nix | ||||
|     ./invidious.nix | ||||
|     ./jellyfin.nix | ||||
|     ./postgresql.nix | ||||
|     ./radicale.nix | ||||
|   ]; | ||||
|   # TODO: adguardhome matrix matrix-second minecraft terraria factorio coturn mautrix-whatsapp wireguard | ||||
|   # paperlessngx | ||||
| } | ||||
|  |  | |||
|  | @ -40,12 +40,10 @@ in { | |||
|         }; | ||||
|       }; | ||||
|     }; | ||||
|     nginx = { | ||||
|       virtualHosts."git.rcia.dev" = { | ||||
|         locations."/" = { | ||||
|           proxyPass = "http://127.0.0.1:3000"; | ||||
|           clientMaxBodySize = "200M"; | ||||
|         }; | ||||
|     nginx.virtualHosts."git.rcia.dev" = { | ||||
|       locations."/" = { | ||||
|         proxyPass = "http://127.0.0.1:3000"; | ||||
|         clientMaxBodySize = "200M"; | ||||
|       }; | ||||
|     }; | ||||
|   }; | ||||
|  |  | |||
							
								
								
									
										40
									
								
								hosts/greatyamada/services/invidious.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										40
									
								
								hosts/greatyamada/services/invidious.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,40 @@ | |||
| { ... }: | ||||
| let nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||
| in { | ||||
|   services = { | ||||
|     invidious = { | ||||
|       enable = true; | ||||
|       settings = { | ||||
|         check_tables = true; | ||||
|         db.user = "invidious"; | ||||
|         default_user_preferences = { | ||||
|           locale = "es"; | ||||
|           dark_mode = "dark"; | ||||
|           autoplay = true; | ||||
|           video_loop = true; | ||||
|           quality = "dash"; | ||||
|           volume = 20; | ||||
|         }; | ||||
|       }; | ||||
|       database = { | ||||
|         createLocally = false; | ||||
|         passwordFile = "/var/lib/invidious/db_password"; | ||||
|       }; | ||||
|       hmacKeyFile = "/var/lib/invidious/hmac_key"; | ||||
|     }; | ||||
|     nginx.virtualHosts."iv.rcia.dev" = { | ||||
|       locations."/" = { proxyPass = "http://127.0.0.1:3000"; }; | ||||
|       extraConfig = nginxLocalServiceConfig; | ||||
|     }; | ||||
|   }; | ||||
|   sops.secrets = { | ||||
|     "invidious/db_password" = { | ||||
|       path = "/var/lib/invidious/db_password"; | ||||
|       owner = "invidious"; | ||||
|     }; | ||||
|     "invidious/hmac" = { | ||||
|       path = "/var/lib/invidious/hmac_key"; | ||||
|       owner = "invidious"; | ||||
|     }; | ||||
|   }; | ||||
| } | ||||
							
								
								
									
										20
									
								
								hosts/greatyamada/services/jellyfin.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								hosts/greatyamada/services/jellyfin.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,20 @@ | |||
| { pkgs, ... }: | ||||
| let | ||||
|   jellyfinPath = "/mnt/Datos/jellyfin/"; | ||||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||
| in { | ||||
|   services = { | ||||
|     jellyfin = { | ||||
|       enable = true; | ||||
|       configDir = jellyfinPath + "config/"; | ||||
|       dataDir = jellyfinPath + "data/"; | ||||
|     }; | ||||
|     nginx.virtualHosts."jellyfin.rcia.dev" = { | ||||
|       locations."/" = { | ||||
|         proxyPass = "http://127.0.0.1:8096"; | ||||
|         clientMaxBodySize = "10M"; | ||||
|       }; | ||||
|       extraConfig = nginxLocalServiceConfig; | ||||
|     }; | ||||
|   }; | ||||
| } | ||||
							
								
								
									
										14
									
								
								hosts/greatyamada/services/matrix-internal.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								hosts/greatyamada/services/matrix-internal.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,14 @@ | |||
| { }: { | ||||
|   containers.matrix-bridges = { | ||||
|     autoStart = true; | ||||
|     config = { config, pkgs }: { | ||||
|       services.matrix-synapse = { | ||||
|         enable = true; | ||||
|         settings = { | ||||
|           server_name = "matrix-int.rcia.dev"; | ||||
|           listeners = [ { } ]; | ||||
|         }; | ||||
|       }; | ||||
|     }; | ||||
|   }; | ||||
| } | ||||
							
								
								
									
										34
									
								
								hosts/greatyamada/services/matrix.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										34
									
								
								hosts/greatyamada/services/matrix.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,34 @@ | |||
| { pkgs, ... }: | ||||
| let dataDir = "/mnt/Datos/synapse"; | ||||
| in { | ||||
|   services.matrix-synapse = { | ||||
|     enable = true; | ||||
|     settings = { | ||||
|       server_name = "rcia.dev"; | ||||
|       listeners = [{ | ||||
|         port = 8008; | ||||
|         bind_addresses = [ "synapse" ]; | ||||
|         tls = false; | ||||
|         type = http; | ||||
|         x_forwarded = true; | ||||
|         resources = [{ | ||||
|           names = [ "client" "federation" ]; | ||||
|           compress = false; | ||||
|         }]; | ||||
|       }]; | ||||
|       media_store_path = dataDir + "/media_store"; | ||||
|       max_upload_size = "100M"; | ||||
|       enable_registration = false; | ||||
|       report_stats = true; | ||||
|       signing_key_path = "/var/lib/matrix-synapse/matrix.rcia.dev.signing.key"; | ||||
|       turn_user_lifetime = "1h"; | ||||
|       turn_uris = [ "turn:rcia.dev:3478" "turn:rcia.dev:3479" ]; | ||||
|     }; | ||||
|   }; | ||||
|   sops.secrets = { | ||||
|     "matrix/secrets" = { | ||||
|         path = "/var/lib/matrix-synapse/secrets"; | ||||
|         owner = "matrix-synapse"; | ||||
|     } | ||||
|   } | ||||
| } | ||||
							
								
								
									
										33
									
								
								hosts/greatyamada/services/minecraft/bukkit.yml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								hosts/greatyamada/services/minecraft/bukkit.yml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,33 @@ | |||
| # Managed by NixOS configuration | ||||
| settings: | ||||
|   use-map-color-cache: true | ||||
|   allow-end: true | ||||
|   warn-on-overload: true | ||||
|   permissions-file: permissions.yml | ||||
|   update-folder: update | ||||
|   plugin-profiling: false | ||||
|   connection-throttle: 4000 | ||||
|   query-plugins: true | ||||
|   deprecated-verbose: default | ||||
|   shutdown-message: Servidor cerrado | ||||
|   minimum-api: none | ||||
| spawn-limits: | ||||
|   axolotls: 5 | ||||
|   water-underground-creature: 5 | ||||
|   monsters: 120 | ||||
|   animals: 20 | ||||
|   water-animals: 5 | ||||
|   water-ambient: 20 | ||||
|   ambient: 15 | ||||
| chunk-gc: | ||||
|   period-in-ticks: 600 | ||||
| ticks-per: | ||||
|   axolotl-spawns: 1 | ||||
|   water-underground-creature-spawns: 1 | ||||
|   animal-spawns: 400 | ||||
|   monster-spawns: 1 | ||||
|   water-spawns: 1 | ||||
|   water-ambient-spawns: 1 | ||||
|   ambient-spawns: 1 | ||||
|   autosave: 6000 | ||||
| aliases: now-in-commands.yml | ||||
							
								
								
									
										1
									
								
								hosts/greatyamada/services/minecraft/data-directory.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								hosts/greatyamada/services/minecraft/data-directory.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1 @@ | |||
| "/minecraft" | ||||
							
								
								
									
										82
									
								
								hosts/greatyamada/services/minecraft/default.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										82
									
								
								hosts/greatyamada/services/minecraft/default.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,82 @@ | |||
| { config, lib, pkgs, ... }: | ||||
| let | ||||
|   cfg = config.services.minecraft-server; | ||||
| 
 | ||||
|   bukkitConfigFile = ./bukkit.yml; | ||||
| 
 | ||||
|   spigotConfigFile = ./spigot.yml; | ||||
| 
 | ||||
|   cfgToString = v: if builtins.isBool v then lib.boolToString v else toString v; | ||||
| 
 | ||||
|   eulaFile = builtins.toFile "eula.txt" '' | ||||
|     # eula.txt managed by NixOS configuration | ||||
|     eula=true | ||||
|   ''; | ||||
| 
 | ||||
|   opsFile = builtins.toFile "ops.json" (builtins.toJSON [{ | ||||
|     name = "aveeeeryy"; | ||||
|     uuid = "b65a1bc3-c6a0-4e8c-99b8-3538cfec0cfc"; | ||||
|     level = 4; | ||||
|     bypassesPlayerLimit = true; | ||||
|   }]); | ||||
| 
 | ||||
|   serverPropertiesFile = pkgs.writeText "server.properties" ('' | ||||
|     # server.properties managed by NixOS configuration | ||||
|   '' + lib.concatStringsSep "\n" | ||||
|     (lib.mapAttrsToList (n: v: "${n}=${cfgToString v}") cfg.serverProperties)); | ||||
| 
 | ||||
|   serverIcon = ./server-icon.png; | ||||
| 
 | ||||
| in { | ||||
|   imports = [ ./plugins ]; | ||||
|   services.minecraft-server = { | ||||
|     enable = true; | ||||
|     package = pkgs.papermc.override { | ||||
|       mcVersion = "1.20.6"; | ||||
|       buildNum = "147"; | ||||
|     }; | ||||
|     declarative = true; | ||||
|     eula = true; | ||||
|     openFirewall = true; | ||||
|     jvmOpts = | ||||
|       "-Xms4G -Xmx4G -XX:+UseG1GC -XX:+ParallelRefProcEnabled -XX:MaxGCPauseMillis=200 -XX:+UnlockExperimentalVMOptions -XX:+DisableExplicitGC -XX:+AlwaysPreTouch -XX:G1NewSizePercent=30 -XX:G1MaxNewSizePercent=40 -XX:G1HeapRegionSize=8M -XX:G1ReservePercent=20 -XX:G1HeapWastePercent=5 -XX:G1MixedGCCountTarget=4 -XX:InitiatingHeapOccupancyPercent=15 -XX:G1MixedGCLiveThresholdPercent=90 -XX:G1RSetUpdatingPauseTimePercent=5 -XX:SurvivorRatio=32 -XX:+PerfDisableSharedMem -XX:MaxTenuringThreshold=1 -Dusing.aikars.flags=https://mcflags.emc.gs -Daikars.new.flags=true"; | ||||
|     serverProperties = { | ||||
|       difficulty = "hard"; | ||||
|       enable-rcon = false; | ||||
|       enforce-secure-profile = false; | ||||
|       enforce-whitelist = true; | ||||
|       hide-online-players = true; | ||||
|       motd = "NixOS server"; | ||||
|       online-mode = true; | ||||
|       pvp = false; | ||||
|       server-port = 13914; | ||||
|       spawn-protection = 0; | ||||
|       white-list = true; | ||||
|     }; | ||||
|     dataDir = import ./data-directory.nix; | ||||
|   }; | ||||
|   # Overriden to have a non-declarative whitelist | ||||
|   systemd.services.minecraft-server.preStart = lib.mkForce '' | ||||
|     ln -sf ${eulaFile} eula.txt | ||||
|     cp -f ${bukkitConfigFile} bukkit.yml | ||||
|     chmod +w bukkit.yml | ||||
|     cp -f ${spigotConfigFile} spigot.yml | ||||
|     chmod +w spigot.yml | ||||
|     cp -f ${opsFile} ops.json | ||||
|     chmod +w ops.json | ||||
|     ln -sf ${serverIcon} server-icon.png | ||||
|     if [ -e .declarative ]; then | ||||
|       # Was declarative before, no need to back up anything | ||||
|       cp -f ${serverPropertiesFile} server.properties | ||||
|     else | ||||
|       # Declarative for the first time, backup stateful files | ||||
|       cp -b --suffix=.stateful ${serverPropertiesFile} server.properties | ||||
| 
 | ||||
|       # server.properties must have write permissions, because every time | ||||
|       # the server starts it first parses the file and then regenerates it.. | ||||
|       chmod +w server.properties | ||||
|       echo "Autogenerated file that signifies that this server configuration is managed declaratively by NixOS" \ | ||||
|         > .declarative | ||||
|     fi | ||||
|   ''; | ||||
| } | ||||
							
								
								
									
										4
									
								
								hosts/greatyamada/services/minecraft/plugins/default.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								hosts/greatyamada/services/minecraft/plugins/default.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,4 @@ | |||
| { pkgs, ... }: { | ||||
|   environment.systemPackages = with pkgs; | ||||
|     [ (callPackage ./packages/essentialsx.nix { }) ]; | ||||
| } | ||||
|  | @ -0,0 +1,24 @@ | |||
| { config, lib, stdenv, fetchurl }: | ||||
| 
 | ||||
| stdenv.mkDerivation rec { | ||||
|   pname = "EssentialsX"; | ||||
|   version = "2.20.1"; | ||||
| 
 | ||||
|   src = fetchurl { | ||||
|     url = | ||||
|       "https://github.com/EssentialsX/Essentials/releases/download/${version}/EssentialsX-${version}.jar"; | ||||
|     hash = "sha256-gC6jC9pGDKRZfoGJJYFpM8EjsI2BJqgU+sKNA6Yb9UI="; | ||||
|   }; | ||||
| 
 | ||||
|   unpackPhase = ":"; | ||||
| 
 | ||||
|   installPhase = '' | ||||
|     ln -sf EssentialsX-${version}.jar $out | ||||
|   ''; | ||||
| 
 | ||||
|   meta = { | ||||
|     description = "The modern Essentials suite for Spigot and Paper."; | ||||
|     homepage = "https://essentialsx.net/"; | ||||
|     license = lib.licenses.gpl3Plus; | ||||
|   }; | ||||
| } | ||||
							
								
								
									
										
											BIN
										
									
								
								hosts/greatyamada/services/minecraft/server-icon.png
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										
											BIN
										
									
								
								hosts/greatyamada/services/minecraft/server-icon.png
									
										
									
									
									
										Normal file
									
								
							
										
											Binary file not shown.
										
									
								
							| After Width: | Height: | Size: 9.4 KiB | 
							
								
								
									
										169
									
								
								hosts/greatyamada/services/minecraft/spigot.yml
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										169
									
								
								hosts/greatyamada/services/minecraft/spigot.yml
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,169 @@ | |||
| # Managed by NixOS configuration | ||||
| config-version: 12 | ||||
| settings: | ||||
|   debug: false | ||||
|   bungeecord: false | ||||
|   sample-count: 12 | ||||
|   player-shuffle: 0 | ||||
|   user-cache-size: 1000 | ||||
|   save-user-cache-on-stop-only: false | ||||
|   moved-wrongly-threshold: 0.0625 | ||||
|   moved-too-quickly-multiplier: 10.0 | ||||
|   timeout-time: 60 | ||||
|   restart-on-crash: false | ||||
|   restart-script: ./start.sh | ||||
|   netty-threads: 4 | ||||
|   log-villager-deaths: true | ||||
|   log-named-deaths: true | ||||
|   attribute: | ||||
|     maxHealth: | ||||
|       max: 2048.0 | ||||
|     movementSpeed: | ||||
|       max: 2048.0 | ||||
|     attackDamage: | ||||
|       max: 2048.0 | ||||
| messages: | ||||
|   whitelist: No estas en la whitelist | ||||
|   unknown-command: | ||||
|     Comando desconocido. Escribe "/help" para ver una lista con todos | ||||
|     los comandos. | ||||
|   server-full: El servidor esta lleno | ||||
|   outdated-client: Tu cliente de Minecraft está desactualizado, actualiza a la version {0} | ||||
|   outdated-server: El servidor está desactualizado, utiliza la version {0} | ||||
|   restart: El servidor se esta reiniciando | ||||
| advancements: | ||||
|   disable-saving: false | ||||
|   disabled: | ||||
|     - minecraft:story/disabled | ||||
| commands: | ||||
|   replace-commands: | ||||
|     - setblock | ||||
|     - summon | ||||
|     - testforblock | ||||
|     - tellraw | ||||
|   log: true | ||||
|   tab-complete: 0 | ||||
|   send-namespaced: true | ||||
|   spam-exclusions: | ||||
|     - /skill | ||||
|   silent-commandblock-console: false | ||||
| players: | ||||
|   disable-saving: false | ||||
| stats: | ||||
|   disable-saving: false | ||||
|   forced-stats: {} | ||||
| world-settings: | ||||
|   default: | ||||
|     seed-ancientcity: 20083232 | ||||
|     seed-buriedtreasure: 10387320 | ||||
|     seed-mineshaft: default | ||||
|     below-zero-generation-in-existing-chunks: true | ||||
|     simulation-distance: default | ||||
|     hopper-can-load-chunks: false | ||||
|     seed-nether: 30084232 | ||||
|     seed-stronghold: default | ||||
|     thunder-chance: 100000 | ||||
|     verbose: false | ||||
|     hopper-amount: 1 | ||||
|     dragon-death-sound-radius: 0 | ||||
|     seed-village: 10387312 | ||||
|     seed-desert: 14357617 | ||||
|     seed-igloo: 14357618 | ||||
|     seed-jungle: 14357619 | ||||
|     seed-swamp: 14357620 | ||||
|     seed-monument: 10387313 | ||||
|     seed-shipwreck: 165745295 | ||||
|     seed-ocean: 14357621 | ||||
|     seed-outpost: 165745296 | ||||
|     seed-endcity: 10387313 | ||||
|     seed-slime: 987234911 | ||||
|     seed-bastion: 30084232 | ||||
|     seed-fortress: 30084232 | ||||
|     seed-mansion: 10387319 | ||||
|     seed-fossil: 14357921 | ||||
|     seed-portal: 34222645 | ||||
|     max-tnt-per-tick: 100 | ||||
|     hanging-tick-frequency: 100 | ||||
|     zombie-aggressive-towards-villager: true | ||||
|     enable-zombie-pigmen-portal-spawns: true | ||||
|     item-despawn-rate: 6000 | ||||
|     view-distance: default | ||||
|     arrow-despawn-rate: 1200 | ||||
|     trident-despawn-rate: 1200 | ||||
|     wither-spawn-sound-radius: 0 | ||||
|     mob-spawn-range: 8 | ||||
|     end-portal-sound-radius: 0 | ||||
|     nerf-spawner-mobs: false | ||||
|     max-entity-collisions: 8 | ||||
|     growth: | ||||
|       twistingvines-modifier: 100 | ||||
|       weepingvines-modifier: 100 | ||||
|       cavevines-modifier: 100 | ||||
|       glowberry-modifier: 100 | ||||
|       cactus-modifier: 100 | ||||
|       cane-modifier: 100 | ||||
|       melon-modifier: 100 | ||||
|       mushroom-modifier: 100 | ||||
|       pumpkin-modifier: 100 | ||||
|       sapling-modifier: 100 | ||||
|       beetroot-modifier: 100 | ||||
|       carrot-modifier: 100 | ||||
|       potato-modifier: 100 | ||||
|       wheat-modifier: 100 | ||||
|       netherwart-modifier: 100 | ||||
|       vine-modifier: 100 | ||||
|       cocoa-modifier: 100 | ||||
|       bamboo-modifier: 100 | ||||
|       sweetberry-modifier: 100 | ||||
|       kelp-modifier: 100 | ||||
|     entity-activation-range: | ||||
|       ignore-spectators: false | ||||
|       animals: 32 | ||||
|       monsters: 32 | ||||
|       raiders: 48 | ||||
|       misc: 16 | ||||
|       water: 16 | ||||
|       villagers: 32 | ||||
|       flying-monsters: 32 | ||||
|       villagers-work-immunity-after: 100 | ||||
|       villagers-work-immunity-for: 20 | ||||
|       villagers-active-for-panic: true | ||||
|       tick-inactive-villagers: true | ||||
|       wake-up-inactive: | ||||
|         animals-max-per-tick: 4 | ||||
|         animals-every: 1200 | ||||
|         animals-for: 100 | ||||
|         monsters-max-per-tick: 8 | ||||
|         monsters-every: 400 | ||||
|         monsters-for: 100 | ||||
|         villagers-max-per-tick: 4 | ||||
|         villagers-every: 600 | ||||
|         villagers-for: 100 | ||||
|         flying-monsters-max-per-tick: 8 | ||||
|         flying-monsters-every: 200 | ||||
|         flying-monsters-for: 100 | ||||
|     ticks-per: | ||||
|       hopper-transfer: 8 | ||||
|       hopper-check: 1 | ||||
|     hunger: | ||||
|       jump-walk-exhaustion: 0.05 | ||||
|       jump-sprint-exhaustion: 0.2 | ||||
|       combat-exhaustion: 0.1 | ||||
|       regen-exhaustion: 6.0 | ||||
|       swim-multiplier: 0.01 | ||||
|       sprint-multiplier: 0.1 | ||||
|       other-multiplier: 0.0 | ||||
|     max-tick-time: | ||||
|       tile: 50 | ||||
|       entity: 50 | ||||
|     squid-spawn-range: | ||||
|       min: 45.0 | ||||
|     merge-radius: | ||||
|       exp: 3.0 | ||||
|       item: 2.5 | ||||
|     entity-tracking-range: | ||||
|       players: 48 | ||||
|       animals: 48 | ||||
|       monsters: 48 | ||||
|       misc: 32 | ||||
|       other: 64 | ||||
							
								
								
									
										7
									
								
								hosts/greatyamada/services/nginx-local-config.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										7
									
								
								hosts/greatyamada/services/nginx-local-config.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,7 @@ | |||
| # Configuration for local-only services | ||||
| '' | ||||
|   error_page 403 https://rcia.dev; | ||||
|   allow 10.0.0.0/24; | ||||
|   allow 10.10.0.0/24; | ||||
|   deny all; | ||||
| '' | ||||
							
								
								
									
										19
									
								
								hosts/greatyamada/services/nginx.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								hosts/greatyamada/services/nginx.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,19 @@ | |||
| { pkgs, ... }: { | ||||
|   services.nginx = { | ||||
|     enable = true; | ||||
|     virtualHosts = { | ||||
|       "rcia.dev" = { | ||||
|         forceSSL = true; | ||||
|         locations = { | ||||
|           "/" = { root = /var/www/public; }; | ||||
|           "/profile_picture" = { }; | ||||
|         }; | ||||
|       }; | ||||
|       "ichi-prod.rcia.dev" = { | ||||
|         locations."/" = { | ||||
|             proxyPass = "http://127.0.0.1:3000"; | ||||
|         } | ||||
|       }; | ||||
|     }; | ||||
|   }; | ||||
| } | ||||
							
								
								
									
										1
									
								
								hosts/greatyamada/services/postgresql.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										1
									
								
								hosts/greatyamada/services/postgresql.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1 @@ | |||
| { lib, pkgs, ... }: { services.postgresql = { enable = true; }; } | ||||
							
								
								
									
										28
									
								
								hosts/greatyamada/services/radicale.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										28
									
								
								hosts/greatyamada/services/radicale.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,28 @@ | |||
| { ... }: | ||||
| let | ||||
|   radicalePath = "/mnt/Datos/radicale"; | ||||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||
| in { | ||||
|   services = { | ||||
|     radicale = { | ||||
|       enable = true; | ||||
|       settings = { | ||||
|         server.hosts = [ "127.0.0.1:5232" ]; | ||||
|         auth = { | ||||
|           type = "htpasswd"; | ||||
|           htpasswd_filename = "/etc/radicale/users"; | ||||
|           htpasswd_encryption = "bcrypt"; | ||||
|         }; | ||||
|         storage.filesystem_folder = radicalePath; | ||||
|       }; | ||||
|     }; | ||||
|     nginx.virtualHosts."radicale.rcia.dev" = { | ||||
|       locations."/" = { proxyPass = "http://127.0.0.1:5232"; }; | ||||
|       extraConfig = nginxLocalServiceConfig; | ||||
|     }; | ||||
|   }; | ||||
|   sops.secrets."radicale/users" = { | ||||
|     path = "/etc/radicale/users"; | ||||
|     owner = "radicale"; | ||||
|   }; | ||||
| } | ||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue