BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sun Aug 21 06:35:15 PM CEST 2022

Browse Source
This commit is contained in:
Alexander Szczepanski
2022-08-21 18:35:15 +02:00
parent 84870a7f82
commit 88436a734d
2 changed files with 52 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
configs/user.nix
View File

@ -16,12 +16,12 @@ in {
"libvirtd" "libvirtd"
"kvm" "kvm"
"lp" "lp"
"nginx"
"scanner" "scanner"
"adbusers" "adbusers"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIsOYaj6+akcgTQPvm0/htYgO5z+PR1TJRxCnbRNI/ucqvcC6/eTzPU7tKG+UJtkfy30NSnwu/k9aENyb5zYLVoDHngOzH8DLl93B2nHgwUiLpv7kFXOhvD1jsA5RsryeumaL7YbtlePrso+FEJkUez8mncAjG4t9U/MifkTbujjS5AP35NONH01fQWKvivnqw4T0dq36e0J0YF/zcb1mQovt3dw7+NE0A6OwNGAElRNwVh619jL9g0TJBi3Ge8LASsHBildzTlNVHzIwdDzRdAvsoAXjYF42fjHSQXZJv5P5eJcT7JEt7x+yVWzTnk/K6/dtKi6kewbp/srUGSsVLP6x+o6QTQ5rYKoBRsM/3bfqG0PwijfDXEdn7bQn6+7PcnMhVi5wJppUeEOt0SbRBDSa3ewzTWjjESPW03b/oIlNrnDhk5UJmF5jlfxz9HHP73lqEpcNhEAiZMLbfvnwtufS/wYnZXz44i8rVEiNMfIOS2VIM74aNloPTvkq0Ek0GzTT6H4wQy7VbRgSOaW+XN5TSOEqtfZ0TpmYNrpskVx5yDrbOOArmULICGLlexed8fsFZX8P1ouTg96pM5Kr47HZsdEZzS8DKuDx8EP50ORYKbN6Kyb+f0FcMEfD1RQV+IECKnnFUyoozFjE0aV+ROjAKoDmyWdU2lpOPA8kRBw== alex@desktop"
]; ];
}; };
}; };

75
machine/vps.nix
View File

@ -94,6 +94,8 @@ in {
}; };
}; };
environment.systemPackages = with pkgs; [ goaccess ];
programs.mtr.enable = true; programs.mtr.enable = true;
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
@ -110,6 +112,14 @@ in {
recommendedTlsSettings = true; recommendedTlsSettings = true;
clientMaxBodySize = "0"; clientMaxBodySize = "0";
commonHttpConfig = ''
log_format main '$host $remote_addr - $remote_user [$time_local] $upstream_cache_status "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio" '
'$request_time $upstream_response_time $pipe';
access_log /var/log/nginx/access.log main;
'';
virtualHosts = { virtualHosts = {
"szczepan.ski" = { "szczepan.ski" = {
forceSSL = true; forceSSL = true;
@ -144,26 +154,6 @@ in {
enableACME = true; enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8082/"; }; }; locations = { "/" = { proxyPass = "http://127.0.0.1:8082/"; }; };
}; };
"portainer.szczepan.ski" = {
forceSSL = true;
enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8083/"; }; };
};
"mail.szczepan.ski" = {
forceSSL = true;
enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8084/"; }; };
};
"git.szczepan.ski" = {
forceSSL = true;
enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:49154/"; }; };
};
"jellyfin.szczepan.ski" = {
forceSSL = true;
enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8085/"; }; };
};
"etesync-web.szczepan.ski" = { "etesync-web.szczepan.ski" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@ -174,11 +164,31 @@ in {
enableACME = true; enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8087/"; }; }; locations = { "/" = { proxyPass = "http://127.0.0.1:8087/"; }; };
}; };
"file-manager.szczepan.ski" = { "portainer.szczepan.ski" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8088/"; }; }; locations = { "/" = { proxyPass = "http://127.0.0.1:8083/"; }; };
}; };
# "mail.szczepan.ski" = {
# forceSSL = true;
# enableACME = true;
# locations = { "/" = { proxyPass = "http://127.0.0.1:8084/"; }; };
# };
# "git.szczepan.ski" = {
# forceSSL = true;
# enableACME = true;
# locations = { "/" = { proxyPass = "http://127.0.0.1:49154/"; }; };
# };
"jellyfin.szczepan.ski" = {
forceSSL = true;
enableACME = true;
locations = { "/" = { proxyPass = "http://127.0.0.1:8085/"; }; };
};
# "file-manager.szczepan.ski" = {
# forceSSL = true;
# enableACME = true;
# locations = { "/" = { proxyPass = "http://127.0.0.1:8088/"; }; };
# };
"webdav.szczepan.ski" = { "webdav.szczepan.ski" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@ -201,7 +211,7 @@ in {
locations = { locations = {
"/" = { "/" = {
extraConfig = '' extraConfig = ''
proxy_set_header Host $host; proxy_set_header Host localhost;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@ -217,7 +227,24 @@ in {
"homeassistant.szczepan.ski" = { "homeassistant.szczepan.ski" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations = { "/" = { proxyPass = "http://10.100.0.3:8123/"; }; }; locations = {
"/" = {
proxyPass = "http://10.100.0.3:8123/";
proxyWebsockets = true;
};
};
};
"goaccess.szczepan.ski" = {
forceSSL = true;
enableACME = true;
basicAuth = { alex = secrets.nginx-syncthing-password; };
locations = {
"/" = { root = "/var/www/goaccess"; };
"/ws" = {
proxyPass = "http://127.0.0.1:7890/";
proxyWebsockets = true;
};
};
}; };
}; };
}; };