stream: format
This commit is contained in:
parent
f7b4f369fb
commit
9cf336ff79
|
@ -18,65 +18,69 @@
|
|||
networkConfig.IPv6AcceptRA = false;
|
||||
# try harder disabling global ipv6
|
||||
networkConfig.LinkLocalAddressing = "no";
|
||||
addresses = [ {
|
||||
addresses = [{
|
||||
addressConfig.Address = "${hostRegistry.stream.ip4}/${toString zentralwerk.lib.config.site.net.serv.subnet4Len}";
|
||||
} ];
|
||||
gateway = lib.mkForce [];
|
||||
routes = [ {
|
||||
}];
|
||||
gateway = lib.mkForce [ ];
|
||||
routes = [{
|
||||
routeConfig = {
|
||||
Destination = "172.20.0.0/14";
|
||||
Gateway = hostRegistry.serv-gw.ip4;
|
||||
};
|
||||
} ];
|
||||
}];
|
||||
};
|
||||
|
||||
# On the pub network I am a normal client.
|
||||
networks."30-pub" = {
|
||||
networkConfig.DHCP = "ipv4";
|
||||
gateway = lib.mkForce [];
|
||||
gateway = lib.mkForce [ ];
|
||||
networkConfig.IPv6AcceptRA = true;
|
||||
};
|
||||
};
|
||||
|
||||
services.peerflix.enable = true;
|
||||
services = {
|
||||
jackett.enable = true;
|
||||
|
||||
nginx = {
|
||||
enable = true;
|
||||
virtualHosts."stream.hq.c3d2.de" = {
|
||||
default = true;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:9000";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
auth_basic "Stream";
|
||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||
'';
|
||||
};
|
||||
};
|
||||
virtualHosts."torrents.hq.c3d2.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:9117";
|
||||
extraConfig = ''
|
||||
auth_basic "Torrents";
|
||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
peerflix.enable = true;
|
||||
};
|
||||
|
||||
systemd.services.peerflix.serviceConfig = {
|
||||
Restart = "always";
|
||||
RestartSec = 60;
|
||||
};
|
||||
services.jackett.enable = true;
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ./secrets.yaml;
|
||||
secrets."nginx/httpAuth".owner = config.systemd.services.nginx.serviceConfig.User;
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."stream.hq.c3d2.de" = {
|
||||
default = true;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:9000";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
auth_basic "Stream";
|
||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||
'';
|
||||
};
|
||||
};
|
||||
virtualHosts."torrents.hq.c3d2.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:9117";
|
||||
extraConfig = ''
|
||||
auth_basic "Torrents";
|
||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue