spoody/server-configuration
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Updated nginx configuration for vm and for undefined virtualHosts

Browse source
This commit is contained in:
baritone 2025-03-20 09:57:01 +01:00
parent f0b23e712f
commit fd6bcd05b6
2 changed files with 41 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
services/auto-torrent.nix
View file

@ -5,12 +5,21 @@
}: let }: let
lib = pkgs.lib; lib = pkgs.lib;
host = "10.0.${toString vm-index}.1"; host = "10.0.${toString vm-index}.1";
port = 8989;
ports = {
sonarr.port = 8989;
radarr.port = 7878;
jackett.port = 9117;
# transmission.port = 9091;
};
vm-index = 1; vm-index = 1;
vm-mac = "02:00:00:00:00:02"; vm-mac = "02:00:00:00:00:02";
vm-name = "auto-torrent"; vm-name = "auto-torrent";
vpn-endpoint = "193.32.248.70"; vpn-endpoint = "193.32.248.70";
enable-services = true; enable-services = true;
ports-list = pkgs.lib.attrsets.mapAttrsToList (name: value: value.port) ports;
in { in {
microvm.autostart = [vm-name]; microvm.autostart = [vm-name];
@ -139,6 +148,7 @@ in {
services.transmission = pkgs.lib.mkIf enable-services { services.transmission = pkgs.lib.mkIf enable-services {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
openRPCPort = true;
home = "/mnt/transmission"; home = "/mnt/transmission";
settings.download-dir = "/mnt/transmission"; settings.download-dir = "/mnt/transmission";
settings.incomplete-dir = "/mnt/transmission/.incomplete"; settings.incomplete-dir = "/mnt/transmission/.incomplete";
@ -169,73 +179,33 @@ in {
}; };
}; };
# Sonarr # Add virtual hosts for all the different services running in the vm
services.nginx.virtualHosts."sonarr.spoodythe.one" = { services.nginx.virtualHosts = builtins.listToAttrs (pkgs.lib.attrsets.mapAttrsToList (
addSSL = true; name: value: {
enableACME = true; name = "${name}.spoodythe.one";
listen = [ value = {
{ addSSL = true;
inherit port; enableACME = true;
addr = "0.0.0.0"; listen = [
ssl = false; {
port = value.port;
addr = "0.0.0.0";
ssl = false;
}
{
port = 443;
addr = "0.0.0.0";
ssl = true;
}
];
locations."/" = {
proxyPass = "http://${host}:${toString value.port}";
};
};
} }
{ )
port = 443; ports);
addr = "0.0.0.0";
ssl = true;
}
];
locations."/" = {
proxyPass = "http://${host}:${toString port}";
};
};
# Radarr networking.firewall.allowedTCPPorts = [80 443] ++ ports-list;
services.nginx.virtualHosts."radarr.spoodythe.one" = let networking.firewall.allowedUDPPorts = [80 443] ++ ports-list;
port = 7878;
in {
addSSL = true;
enableACME = true;
listen = [
{
inherit port;
addr = "0.0.0.0";
ssl = false;
}
{
port = 443;
addr = "0.0.0.0";
ssl = true;
}
];
locations."/" = {
proxyPass = "http://${host}:${toString port}";
};
};
# Jackett
services.nginx.virtualHosts."jackett.spoodythe.one" = let
port = 9117;
in {
addSSL = true;
enableACME = true;
listen = [
{
inherit port;
addr = "0.0.0.0";
ssl = false;
}
{
port = 443;
addr = "0.0.0.0";
ssl = true;
}
];
locations."/" = {
proxyPass = "http://${host}:${toString port}";
};
};
networking.firewall.allowedTCPPorts = [port 9117 7878 9696 80 433];
networking.firewall.allowedUDPPorts = [port 9117 7878 9696 80 433];
} }

4
services/nginx.nix
View file

@ -11,7 +11,9 @@
enableACME = true; enableACME = true;
default = true; default = true;
locations."/" = { locations."/" = {
return = 404; extraConfig = ''
deny all;
'';
}; };
}; };
}; };