Clean up, remove epicgames-freegames-node, move scrutiny to its own file
This commit is contained in:
parent
1c6c446cd2
commit
46985b638b
18 changed files with 96 additions and 109 deletions
|
@ -1,3 +1,3 @@
|
|||
# server.nix
|
||||
|
||||
Nix config for my home server
|
||||
NixOS config for [catnip.ee](https://catnip.ee)
|
|
@ -2,7 +2,6 @@
|
|||
, pkgs
|
||||
, inputs
|
||||
, settings
|
||||
, lib
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
|
@ -44,9 +43,7 @@ in
|
|||
};
|
||||
|
||||
globalConfig = ''
|
||||
servers {
|
||||
metrics
|
||||
}
|
||||
|
||||
admin 0.0.0.0:2019
|
||||
'';
|
||||
|
@ -71,18 +68,6 @@ in
|
|||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local http://${config.services.syncthing.guiAddress}
|
||||
'';
|
||||
"http://epic.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString settings.ports.epicgames-freegames-node}
|
||||
'';
|
||||
"http://scrutiny.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString config.services.scrutiny.settings.web.listen.port}
|
||||
'';
|
||||
"http://qbittorrent.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString settings.ports.qbittorrent}
|
||||
'';
|
||||
"http://files.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
root * /mnt/media
|
||||
|
@ -138,7 +123,7 @@ in
|
|||
handle /.well-known/matrix/client {
|
||||
header Content-Type application/json
|
||||
header Access-Control-Allow-Origin *
|
||||
respond `{"m.homeserver":{"base_url":"https://matrix.catnip.ee/"},"org.matrix.msc3575.proxy":{"url":"https://sliding-sync.catnip.ee"}}`
|
||||
respond `{"m.homeserver":{"base_url":"https://matrix.catnip.ee/"}}`
|
||||
}
|
||||
handle /.well-known/matrix/server {
|
||||
header Content-Type application/json
|
||||
|
@ -147,7 +132,7 @@ in
|
|||
}
|
||||
|
||||
handle /telegram/* {
|
||||
reverse_proxy :${toString settings.ports.mautrix-telegram}
|
||||
reverse_proxy :${toString config.services.mautrix-telegram.settings.appservice.port}
|
||||
}
|
||||
'';
|
||||
|
||||
|
@ -165,7 +150,7 @@ in
|
|||
handle /.well-known/matrix/client {
|
||||
header Content-Type application/json
|
||||
header Access-Control-Allow-Origin *
|
||||
respond `{"m.homeserver":{"base_url":"https://matrix.catnip.ee/"},"org.matrix.msc3575.proxy":{"url":"https://sliding-sync.catnip.ee"}}`
|
||||
respond `{"m.homeserver":{"base_url":"https://matrix.catnip.ee/"}}`
|
||||
}
|
||||
handle /.well-known/matrix/server {
|
||||
header Content-Type application/json
|
|
@ -1,12 +1,13 @@
|
|||
{ config
|
||||
, pkgs
|
||||
, inputs
|
||||
, settings
|
||||
, ...
|
||||
}: {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./containers
|
||||
./caddy
|
||||
./caddy.nix
|
||||
./gui.nix
|
||||
./drives.nix
|
||||
./games/palworld.nix
|
||||
|
@ -176,23 +177,14 @@
|
|||
# maybe only include /var/lib?
|
||||
"/var/lib/mysql"
|
||||
"/var/lib/postgresql"
|
||||
"/var/lib/private/drasl"
|
||||
"/var/lib/acme"
|
||||
"/var/lib/tailscale"
|
||||
"/var/lib/private/scrutiny"
|
||||
"/var/lib/caddy"
|
||||
"/var/lib/syncthing"
|
||||
"/var/lib/matrix-synapse"
|
||||
"/var/lib/influxdb2"
|
||||
|
||||
"/etc/secrets"
|
||||
"/etc/nixos"
|
||||
"/srv/minecraft"
|
||||
|
||||
"/home/owo/Documents/server_configs/archivebox"
|
||||
"/home/owo/Documents/server_configs/epicgames-freegames-node"
|
||||
"/home/owo/Documents/server_configs/palworld"
|
||||
"/home/owo/Documents/server_configs/sonic"
|
||||
];
|
||||
|
||||
exclude = [
|
||||
|
@ -214,11 +206,6 @@
|
|||
guiAddress = "0.0.0.0:8384";
|
||||
openDefaultPorts = true;
|
||||
};
|
||||
scrutiny = {
|
||||
enable = true;
|
||||
collector.enable = true;
|
||||
settings.web.listen.port = 4012;
|
||||
};
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = "server";
|
||||
|
@ -309,7 +296,7 @@
|
|||
listeners = [
|
||||
{
|
||||
bind_addresses = [ "127.0.0.1" ];
|
||||
port = 8008;
|
||||
port = settings.ports.synapse;
|
||||
resources = [
|
||||
{
|
||||
compress = true;
|
||||
|
|
|
@ -1,27 +1,7 @@
|
|||
{ settings
|
||||
, ...
|
||||
}: {
|
||||
{ ... }: {
|
||||
virtualisation.oci-containers = {
|
||||
backend = "docker";
|
||||
containers = {
|
||||
epicgames-freegames-node = {
|
||||
autoStart = true;
|
||||
image = "ghcr.io/claabs/epicgames-freegames-node:latest";
|
||||
volumes = [
|
||||
"${settings.server_configs_home}/epicgames-freegames-node:/usr/app/config"
|
||||
];
|
||||
environment = {
|
||||
BASE_URL = "http://epic.internal";
|
||||
RUN_ON_STARTUP = "true";
|
||||
NTFY_PRIORITY = "urgent";
|
||||
};
|
||||
environmentFiles = [
|
||||
"/etc/secrets/efn.env"
|
||||
];
|
||||
ports = [
|
||||
"${toString settings.ports.epicgames-freegames-node}:3000"
|
||||
];
|
||||
};
|
||||
watchtower = {
|
||||
autoStart = true;
|
||||
image = "docker.io/containrrr/watchtower:latest-dev";
|
||||
|
|
|
@ -50,5 +50,10 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
borgbackup.jobs."borgbase".paths = [
|
||||
"/var/lib/private/drasl"
|
||||
"/srv/minecraft"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
{ settings
|
||||
, ...
|
||||
}: {
|
||||
}: let
|
||||
serverPort = 8211;
|
||||
steamQueryPort = 27015;
|
||||
in {
|
||||
virtualisation.oci-containers.containers.palworld = {
|
||||
autoStart = true;
|
||||
image = "thijsvanloef/palworld-server-docker:latest";
|
||||
ports = [
|
||||
"${toString settings.ports.palworld}:${toString settings.ports.palworld}/udp" # server
|
||||
"27015:27015/udp" # QUERY_PORT for steam server? Whatever that is, has to be exposed
|
||||
"${toString serverPort}:${toString serverPort}/udp" # server
|
||||
"${toString steamQueryPort}:27015/udp" # QUERY_PORT for steam server? Whatever that is, has to be exposed
|
||||
# "8212:8212/tcp" # Uncomment this line if REST API is enabled
|
||||
];
|
||||
environment = {
|
||||
|
@ -14,7 +17,7 @@
|
|||
PGID = "1000";
|
||||
TZ = "Europe/Tallinn";
|
||||
|
||||
PORT = toString settings.ports.palworld;
|
||||
PORT = toString serverPort;
|
||||
PLAYERS = "16";
|
||||
MULTITHREADING = "true";
|
||||
RCON_ENABLED = "true";
|
||||
|
@ -37,7 +40,11 @@
|
|||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
27015
|
||||
settings.ports.palworld
|
||||
serverPort
|
||||
steamQueryPort
|
||||
];
|
||||
|
||||
services.borgbackup.jobs."borgbase".paths = [
|
||||
"/home/owo/Documents/server_configs/palworld"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -96,8 +96,15 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."http://archive.internal".extraConfig = ''
|
||||
services = {
|
||||
borgbackup.jobs."borgbase".paths = [
|
||||
"/home/owo/Documents/server_configs/archivebox"
|
||||
"/home/owo/Documents/server_configs/sonic"
|
||||
];
|
||||
|
||||
caddy.virtualHosts."http://archive.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString port}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -32,7 +32,6 @@
|
|||
"qbittorrent.internal"
|
||||
"scrutiny.internal"
|
||||
"archive.internal"
|
||||
"epic.internal"
|
||||
"sonarr.internal"
|
||||
"radarr.internal"
|
||||
"prowlarr.internal"
|
||||
|
|
|
@ -62,16 +62,13 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
security.acme.certs = {
|
||||
${config.services.coturn.realm} = {
|
||||
security.acme.certs.${config.services.coturn.realm} = {
|
||||
webroot = turnAcmeDir;
|
||||
postRun = "systemctl restart coturn.service";
|
||||
group = config.systemd.services.coturn.serviceConfig.Group;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedUDPPortRanges = with config.services.coturn; [
|
||||
{
|
||||
from = min-port;
|
||||
|
|
|
@ -24,5 +24,6 @@
|
|||
./plex.nix
|
||||
./komga.nix
|
||||
./prosody.nix
|
||||
./scrutiny.nix
|
||||
];
|
||||
}
|
|
@ -1,4 +1,6 @@
|
|||
{ pkgs, settings, ... }: {
|
||||
{ pkgs, settings, ... }: let
|
||||
appservicePort = 8009;
|
||||
in {
|
||||
virtualisation.oci-containers.containers.mautrix-discord = {
|
||||
autoStart = true;
|
||||
image = "dock.mau.dev/mautrix/discord:v0.7.2";
|
||||
|
@ -32,8 +34,8 @@
|
|||
domain = "catnip.ee";
|
||||
};
|
||||
appservice = {
|
||||
address = "http://localhost:${toString settings.ports.mautrix-telegram}";
|
||||
port = settings.ports.mautrix-telegram;
|
||||
address = "http://localhost:${toString appservicePort}";
|
||||
port = appservicePort;
|
||||
provisioning.enabled = false;
|
||||
id = "telegram";
|
||||
public = {
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ config, pkgs, ... }: let
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
port = 4008;
|
||||
in {
|
||||
in
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
ffmpeg # needed for thumbnails iirc
|
||||
];
|
||||
|
@ -44,8 +46,8 @@ in {
|
|||
extraApps = with config.services.nextcloud.package.packages.apps; {
|
||||
inherit contacts calendar tasks mail;
|
||||
integration_github = pkgs.fetchNextcloudApp {
|
||||
url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.0.0/integration_github-v3.0.0.tar.gz";
|
||||
sha256 = "sha256-ruLN4lw3Vy8OavTYm1g2L9q1wusRP0a+BpvfXkrZI3A=";
|
||||
url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.1.1/integration_github-v3.1.1.tar.gz";
|
||||
sha256 = "sha256-nm463H33WyXTJkb7+OSsunARNuSl5nc3uGClgwkVvhM=";
|
||||
license = "agpl3Only";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
base-url = "https://ntfy.catnip.ee";
|
||||
};
|
||||
};
|
||||
|
||||
caddy.virtualHosts."ntfy.catnip.ee".extraConfig = ''
|
||||
tls {
|
||||
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
|
||||
|
|
|
@ -19,8 +19,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers = {
|
||||
plextraktsync = {
|
||||
virtualisation.oci-containers.containers.plextraktsync = {
|
||||
autoStart = true;
|
||||
image = "ghcr.io/taxel/plextraktsync";
|
||||
cmd = [ "watch" ];
|
||||
|
@ -33,5 +32,4 @@
|
|||
"${settings.server_configs_home}/plextraktsync:/app/config"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -36,9 +36,7 @@
|
|||
caddy.virtualHosts."üü.ee" = {
|
||||
useACMEHost = "xn--tdaa.ee";
|
||||
extraConfig = ''
|
||||
reverse_proxy :${toString (builtins.elemAt config.services.prosody.httpPorts 0)} {
|
||||
header_up Host "(.*).xn--tdaa.ee" "$1.üü.ee"
|
||||
}
|
||||
reverse_proxy :${toString (builtins.elemAt config.services.prosody.httpPorts 0)}
|
||||
'';
|
||||
|
||||
serverAliases = [
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ settings, inputs, ... }: {
|
||||
{ config, inputs, ... }: {
|
||||
imports = [
|
||||
inputs.common-modules.nixosModules.qbittorrent-nox
|
||||
];
|
||||
|
@ -9,10 +9,15 @@
|
|||
openFirewall = true;
|
||||
user = "owo";
|
||||
group = "users";
|
||||
webuiPort = settings.ports.qbittorrent;
|
||||
torrentingPort = settings.ports.qbittorrent-torrent;
|
||||
webuiPort = 4010;
|
||||
torrentingPort = 43125;
|
||||
};
|
||||
|
||||
caddy.virtualHosts."http://qbittorrent.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString config.services.qbittorrent-nox.webuiPort}
|
||||
'';
|
||||
|
||||
borgbackup.jobs."borgbase".paths = [
|
||||
"/home/owo/.config/qBittorrent"
|
||||
"/home/owo/.local/share/qBittorrent"
|
||||
|
|
19
services/scrutiny.nix
Normal file
19
services/scrutiny.nix
Normal file
|
@ -0,0 +1,19 @@
|
|||
{ config, ... }: {
|
||||
services = {
|
||||
scrutiny = {
|
||||
enable = true;
|
||||
collector.enable = true;
|
||||
settings.web.listen.port = 4012;
|
||||
};
|
||||
|
||||
caddy.virtualHosts."http://scrutiny.internal".extraConfig = ''
|
||||
@local remote_ip private_ranges 100.64.0.0/10
|
||||
reverse_proxy @local :${toString config.services.scrutiny.settings.web.listen.port}
|
||||
'';
|
||||
|
||||
borgbackup.jobs."borgbase".paths = [
|
||||
"/var/lib/private/scrutiny"
|
||||
"/var/lib/influxdb2"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -3,12 +3,6 @@
|
|||
server_configs_home = "/home/owo/Documents/server_configs";
|
||||
|
||||
ports = {
|
||||
palworld = 8211;
|
||||
synapse = 8008;
|
||||
mautrix-telegram = 8009;
|
||||
|
||||
epicgames-freegames-node = 4018;
|
||||
qbittorrent-torrent = 43125;
|
||||
qbittorrent = 4010;
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue