peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Deleted deluge and keycloak

Browse Source
This commit is contained in:
Giulio De Pasquale 2024-12-06 20:57:03 +00:00
parent 3f3b3d0604
commit b0df5717b5
2 changed files with 0 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
hosts/architect/deluge.nix
View File

@ -1,56 +0,0 @@
{ lib, config, pkgs, ... }:
let
domain = "htdel.giugl.io";
listenPorts = [ 51413 51414 ];
in
{
architect.firewall = {
openTCP = listenPorts;
openUDP = listenPorts;
};
services = {
deluge = {
enable = true;
group = "media";
declarative = true;
config = {
download_location = "/media/deluge";
max_upload_speed = 20;
# full-stream
enc_level = 1;
# forced
enc_in_policy = 0;
# forced
enc_out_policy = 0;
max_active_seeding = 100;
max_connections_global = 1000;
max_active_limit = 100;
max_active_downloading = 100;
listen_ports = listenPorts;
random_port = false;
enabled_plugins = [ "Label" "Extractor" ];
};
web.enable = true;
authFile = "/secrets/deluge/auth";
extraPackages = [ pkgs.unrar ];
};
};
architect.vhost.${domain} = with config.architect.networks; {
dnsInterfaces = [ "lan" "tailscale" ];
locations = {
"/" = {
allowLan = true;
port = 8112;
allow = [
tailscale.net
];
};
};
};
users.groups.media.members = [ "deluge" ];
}

81
hosts/architect/keycloak.nix
View File

@ -1,81 +0,0 @@
{ pkgs, lib, config, ... }:
let
domain = "auth.giugl.io";
utilities = import ./utilities.nix { inherit lib config; };
inherit (utilities) architectInterfaceAddress;
in
{
services = {
keycloak = {
enable = true;
initialAdminPassword = "giulio";
database.passwordFile = "/secrets/keycloak/database.key";
settings = {
hostname = domain;
proxy = "edge";
http-port = 6654;
https-port = 6655;
hostname-strict-backchannel = true;
};
};
postgresql = {
ensureDatabases =
[ "${toString config.services.keycloak.database.name}" ];
ensureUsers = [{
name = "${toString config.services.keycloak.database.username}";
ensurePermissions = {
"DATABASE ${toString config.services.keycloak.database.name}" =
"ALL PRIVILEGES";
};
}];
};
nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations = {
"/" = { return = "301 https://${domain}/realms/master/account"; };
"/admin" = {
proxyPass = "http://127.0.0.1:${
toString config.services.keycloak.settings.http-port
}";
};
"/js" = {
proxyPass = "http://127.0.0.1:${
toString config.services.keycloak.settings.http-port
}";
};
"/realms" = {
proxyPass = "http://127.0.0.1:${
toString config.services.keycloak.settings.http-port
}";
};
"/resources" = {
proxyPass = "http://127.0.0.1:${
toString config.services.keycloak.settings.http-port
}";
};
"/robots.txt" = {
proxyPass = "http://127.0.0.1:${
toString config.services.keycloak.settings.http-port
}";
};
};
};
};
networking.extraHosts = ''
${architectInterfaceAddress "lan"} ${domain}
${architectInterfaceAddress "tailscale"} ${domain}
'';
}