Compare commits
2 commits
7e8a14383c
...
a12282c583
| Author | SHA1 | Date | |
|---|---|---|---|
 Tristan Daniël Maat
|
a12282c583
|
||
|
Tristan Daniël Maat
|
3e13b575b0
|
|
|
@ -8,6 +8,7 @@
|
|||
"${modulesPath}/profiles/headless.nix"
|
||||
(import ../modules)
|
||||
|
||||
./services/conduit.nix
|
||||
./services/gitea.nix
|
||||
./services/nextcloud.nix
|
||||
./services/webserver.nix
|
||||
|
|
@ -49,7 +50,17 @@
|
|||
useDHCP = false;
|
||||
interfaces.eth0.useDHCP = true;
|
||||
|
||||
firewall.allowedTCPPorts = [80 443 2222 21025];
|
||||
firewall.allowedTCPPorts = [
|
||||
# http
|
||||
80
|
||||
443
|
||||
# ssh
|
||||
2222
|
||||
# matrix
|
||||
8448
|
||||
# starbound
|
||||
21025
|
||||
];
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/London";
|
||||
|
|
|
|||
53
configuration/services/conduit.nix
Normal file
53
configuration/services/conduit.nix
Normal file
|
|
@ -0,0 +1,53 @@
|
|||
{config, ...}: let
|
||||
cfg = config.services.matrix-conduit;
|
||||
domain = "matrix.${config.services.nginx.domain}";
|
||||
in {
|
||||
services.matrix-conduit = {
|
||||
enable = true;
|
||||
settings.global = {
|
||||
address = "127.0.0.1";
|
||||
server_name = domain;
|
||||
database_backend = "rocksdb";
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."${domain}" = {
|
||||
enableACME = true;
|
||||
|
||||
listen = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 443;
|
||||
ssl = true;
|
||||
}
|
||||
{
|
||||
addr = "[::0]";
|
||||
port = 443;
|
||||
ssl = true;
|
||||
}
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 8448;
|
||||
ssl = true;
|
||||
}
|
||||
{
|
||||
addr = "[::0]";
|
||||
port = 8488;
|
||||
ssl = true;
|
||||
}
|
||||
];
|
||||
|
||||
addSSL = true;
|
||||
extraConfig = ''
|
||||
merge_slashes off;
|
||||
'';
|
||||
|
||||
locations."/_matrix" = {
|
||||
proxyPass = "http://${cfg.settings.global.address}:${toString cfg.settings.global.port}";
|
||||
# Recommended by conduit
|
||||
extraConfig = ''
|
||||
proxy_buffering off;
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
18
flake.nix
18
flake.nix
|
|
@ -86,6 +86,7 @@
|
|||
"2222" = "2222";
|
||||
"3080" = "80";
|
||||
"3443" = "443";
|
||||
"8448" = "8448"; # Matrix
|
||||
"21025" = "21025"; # Starbound
|
||||
};
|
||||
in {
|
||||
|
|
@ -111,22 +112,15 @@
|
|||
###########################
|
||||
# Development environment #
|
||||
###########################
|
||||
devShells.${system}.default = let
|
||||
inherit (sops-nix.packages.${system}) sops-import-keys-hook sops-init-gpg-key;
|
||||
deploy-rs-bin = deploy-rs.packages.${system}.default;
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
in
|
||||
nixpkgs.legacyPackages.${system}.mkShell {
|
||||
devShells.${system}.default = nixpkgs.legacyPackages.${system}.mkShell {
|
||||
sopsPGPKeyDirs = ["./keys/hosts/" "./keys/users/"];
|
||||
nativeBuildInputs = [
|
||||
sops-import-keys-hook
|
||||
sops-nix.packages.${system}.sops-import-keys-hook
|
||||
];
|
||||
|
||||
packages = with pkgs; [
|
||||
nixfmt
|
||||
git-lfs
|
||||
sops-init-gpg-key
|
||||
deploy-rs-bin
|
||||
packages = [
|
||||
sops-nix.packages.${system}.sops-init-gpg-key
|
||||
deploy-rs.packages.${system}.default
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
|||
Loading…
Reference in a new issue