From 203cf88662943b3ba0a9a084d685f0a8a803aa18 Mon Sep 17 00:00:00 2001 From: Astro Date: Mon, 21 Nov 2022 19:39:38 +0100 Subject: [PATCH] owncast: init --- flake.nix | 7 +++++ hosts/owncast/default.nix | 37 +++++++++++++++++++++++++++ hosts/public-access-proxy/default.nix | 3 +++ 3 files changed, 47 insertions(+) create mode 100644 hosts/owncast/default.nix diff --git a/flake.nix b/flake.nix index 8f9bd832..ff5afe8d 100644 --- a/flake.nix +++ b/flake.nix @@ -984,6 +984,13 @@ ]; }; + owncast = nixosSystem' { + modules = [ + self.nixosModules.cluster-options + ./hosts/owncast + ]; + nixpkgs = nixos-unstable; + }; }; nixosModule = self.nixosModules.c3d2; diff --git a/hosts/owncast/default.nix b/hosts/owncast/default.nix new file mode 100644 index 00000000..8df79fe0 --- /dev/null +++ b/hosts/owncast/default.nix @@ -0,0 +1,37 @@ +{ config, ... }: + +{ + deployment = { + persistedShares = [ "/etc" "/home" "/var" ]; + mem = 512; + }; + c3d2.hq.statistics.enable = true; + + networking = { + hostName = "owncast"; + firewall.allowedTCPPorts = [ 80 443 ]; + }; + + services.owncast = { + enable = true; + openFirewall = true; + }; + + services.nginx = { + enable = true; + recommendedOptimisation = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + virtualHosts."owncast.c3d2.de" = { + default = true; + forceSSL = true; + enableACME = true; + + locations."/".proxyPass = + let + inherit (config.services.owncast) port; + in + "http://localhost:${toString port}"; + }; + }; +} diff --git a/hosts/public-access-proxy/default.nix b/hosts/public-access-proxy/default.nix index 6db4ab56..5d347584 100644 --- a/hosts/public-access-proxy/default.nix +++ b/hosts/public-access-proxy/default.nix @@ -133,6 +133,9 @@ } { hostNames = [ "zengel.datenspuren.de" ]; proxyTo.host = config.c3d2.hosts.zengel.ip4; + } { + hostNames = [ "owncast.c3d2.de" ]; + proxyTo.host = config.c3d2.hosts.owncast.ip4; } ]; };