noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos/nixos/hosts/ingress-proxy/default.nix
noe fddfd8b18c add doll.repair; sync aerial
2024-03-23 16:29:31 -04:00

162 lines
4.6 KiB
Nix
Raw Blame History

{ lib, pkgs, config, inputs, ... }: let
tsHost = name: port: "${name}.hoki-porgy.ts.net:${toString port}";
in {
imports = [
../../templates/proxmox-lxc.nix
../../server.nix
../../features/dns-cache.nix
../../features/nginx.nix
../../features/telemetry/nginx.nix
];
networking.hostName = "ingress-proxy";
system.stateVersion = "24.05";
nixpkgs.hostPlatform = "x86_64-linux";
networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
networking.firewall.allowedUDPPorts = [ 80 443 8448 ];
services.nginx = {
recommendedTlsSettings = true;
upstreams = {
ps2l_saerro.servers."${tsHost "ps2live" 8101}" = {};
ps2l_aggpop.servers."${tsHost "ps2live" 8201}" = {};
ps2l_metagame.servers."${tsHost "ps2live" 8301}" = {};
};
virtualHosts = let
defaultConfig = {
listen = [
{ addr = "0.0.0.0"; port = 443; ssl = true; }
{ addr = "[::]"; port = 443; ssl = true; }
];
http2 = true;
http3 = true;
forceSSL = lib.mkDefault true;
enableACME = true;
};
static = { src ? null, url ? null, rev ? null, aliases ? [] }: {
serverAliases = aliases;
root = if src != null then src else builtins.fetchGit { inherit url rev; };
} // defaultConfig;
placeholder = {
locations."=/" = {
alias = pkgs.writeText "placeholder.html" "empty space -- this site is non-functional";
extraConfig = ''
default_type text/plain;
'';
};
} // defaultConfig;
mekanoesh = static { src = inputs.noe-sh.packages.${pkgs.system}.default; };
ps2live = upstream: {
locations."/" = {
proxyPass = "http://ps2l_${upstream}";
proxyWebsockets = true;
};
} // defaultConfig;
in {
# Matrix (main)
# "mx.sapphic.engineer" = defaultConfig // {
# listen = [
# { addr = "0.0.0.0"; port = 443; ssl = true; }
# { addr = "[::]"; port = 443; ssl = true; }
# { addr = "0.0.0.0"; port = 8448; ssl = true; }
# { addr = "[::]"; port = 8448; ssl = true; }
# ];
# locations."/_matrix/" = {
# proxyPass = "http://mango";
# proxyWebsockets = true;
# extraConfig = ''
# proxy_set_header Host $host;
# proxy_buffering off;
# '';
# };
# extraConfig = ''
# merge_slashes off;
# client_max_body_size 100M;
# '';
# };
# "happ.ystatic.buzz" = defaultConfig // {
# locations."/" = {
# proxyPass = "http://hsb";
# proxyWebsockets = true;
# };
# extraConfig = ''
# client_max_body_size 40M;
# '';
# };
# "keysmash.xn--q9jyb4c" = defaultConfig // {
# locations."/" = {
# proxyPass = "http://ks";
# proxyWebsockets = true;
# };
# extraConfig = ''
# client_max_body_size 40M;
# '';
# };
"mekanoe.com" = mekanoesh;
"noe.sh" = mekanoesh;
"oc.mekanoe.com" = placeholder // {
serverAliases = [ "" ];
};
"kitsu.love" = static {
url = "https://codeberg.org/Vivieraaa/kitsu-site.git";
rev = "f669f68f1bf89c8f161627e994c9c865811964e8";
};
"agg.ps2.live" = ps2live "aggpop";
"saerro.ps2.live" = ps2live "saerro";
"metagame.ps2.live" = ps2live "metagame" // {
serverAliases = [ "metagame-new.ps2.live" ];
};
"doll.repair" = static {
src = inputs.noe-sh.packages.${pkgs.system}.default;
};
"porcelain.doll.repair" = placeholder;
# Generic store for /.well-known/ paths.
# "well-known.sapphic.engineer" = defaultConfig // {
# locations."=/.well-known/matrix/server" = let
# alias = pkgs.writeText "well-known-matrix-server" (builtins.toJSON {
# "m.server" = "mx.sapphic.engineer";
# });
# in {
# alias = "${alias}";
# extraConfig = ''
# default_type application/json;
# '';
# };
# locations."=/.well-known/matrix/client" = let
# alias = pkgs.writeText "well-known-matrix-client" (builtins.toJSON {
# "m.homeserver" = {
# base_url = "https://mx.sapphic.engineer";
# };
# });
# in {
# alias = "${alias}";
# extraConfig = ''
# default_type application/json;
# add_header Access-Control-Allow-Origin "*";
# '';
# };
# };
};
};
}
Reference in a new issue View git blame Copy permalink