Compare commits
	
		
			2 commits
		
	
	
		
			3bff0ca1d2
			...
			f2112802f7
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| f2112802f7 | |||
| dffd0593a7 | 
					 3 changed files with 17 additions and 4 deletions
				
			
		|  | @ -3,6 +3,8 @@ | |||
|     adguardhome = { | ||||
|       dns = 53; | ||||
|       http = 3001; | ||||
|       https = 4430; | ||||
|       dns_over_tls = 853; | ||||
|     }; | ||||
|     forgejo = 3000; | ||||
|     jellyfin = 8096; | ||||
|  | @ -24,6 +26,7 @@ | |||
|     adguardhome = { | ||||
|       dns = 53; | ||||
|       dhcp = 67; | ||||
|       dns_over_quic = 853; | ||||
|     }; | ||||
|     wireguard = 51820; | ||||
|   }; | ||||
|  |  | |||
|  | @ -4,8 +4,8 @@ let | |||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||
| in { | ||||
|   networking.firewall = { | ||||
|     allowedTCPPorts = with ports.tcp.adguardhome; [ dns ]; | ||||
|     allowedUDPPorts = with ports.udp.adguardhome; [ dns dhcp ]; | ||||
|     allowedTCPPorts = with ports.tcp.adguardhome; [ dns dns_over_tls ]; | ||||
|     allowedUDPPorts = with ports.udp.adguardhome; [ dns dhcp dns_over_quic ]; | ||||
|   }; | ||||
|   services = { | ||||
|     adguardhome = { | ||||
|  | @ -27,6 +27,15 @@ in { | |||
|           bootstrap_dns = | ||||
|             [ "9.9.9.10" "149.112.112.10" "2620:fe::10" "2620:fe::fe:10" ]; | ||||
|         }; | ||||
|         tls = { | ||||
|           enabled = true; | ||||
|           server_name = "dns.rcia.dev"; | ||||
|           port_https = ports.tcp.adguardhome.https; | ||||
|           port_dns_over_tls = ports.tcp.adguardhome.dns_over_tls; | ||||
|           port_dns_over_quic = ports.udp.adguardhome.dns_over_quic; | ||||
|           certificate_path = "/var/lib/acme/rcia.dev/fullchain.pem"; | ||||
|           private_key_path = "/var/lib/acme/rcia.dev/key.pem"; | ||||
|         }; | ||||
|         dhcp = { | ||||
|           enabled = true; | ||||
|           interface_name = "enp5s0"; | ||||
|  | @ -266,9 +275,10 @@ in { | |||
|     nginx.virtualHosts."dns.rcia.dev" = { | ||||
|       forceSSL = true; | ||||
|       locations."/".proxyPass = | ||||
|         "http://127.0.0.1:${toString ports.tcp.adguardhome.http}"; | ||||
|         "https://127.0.0.1:${toString ports.tcp.adguardhome.https}"; | ||||
|       extraConfig = nginxLocalServiceConfig; | ||||
|       useACMEHost = "rcia.dev"; | ||||
|     }; | ||||
|   }; | ||||
|   users.groups.nginx.members = [ "adguardhome" ]; | ||||
| } | ||||
|  |  | |||
|  | @ -179,7 +179,7 @@ in { | |||
|         }; | ||||
|         "~* ^/fabric_prod/(maps/[^/\\s]*/live/.*)" = { | ||||
|           proxyPass = "http://127.0.0.1:${ | ||||
|               toString ports.tcp.minecraft.fabric-prod.bluemap | ||||
|               toString ports.tcp.minecraft.fabric_prod.bluemap | ||||
|             }/$1"; | ||||
|           extraConfig = '' | ||||
|             error_page 502 504 = @server-offline; | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue