Compare commits

...

6 Commits

Author SHA1 Message Date
Giulio De Pasquale
d3255fdb47 Update lock 2023-05-01 06:32:55 +02:00
Giulio De Pasquale
4557b3ad27 dns: added search domains 2023-05-01 06:31:48 +02:00
Giulio De Pasquale
e439068b1d architect: enable plex 2023-05-01 06:05:25 +02:00
Giulio De Pasquale
77699945b5 architect: disable unused services 2023-05-01 06:05:06 +02:00
Giulio De Pasquale
f1f52b0154 nextcloud: push to v26 2023-05-01 05:51:06 +02:00
Giulio De Pasquale
6bdaacbc08 plex: update module 2023-05-01 05:50:42 +02:00
5 changed files with 30 additions and 18 deletions

12
flake.lock generated
View File

@ -24,11 +24,11 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1681866352, "lastModified": 1682915526,
"narHash": "sha256-9XLyzaykO/kf1fc+5CmDxIDHshVmaNHY8FOkqXU0JBU=", "narHash": "sha256-j6JZH9MNQfPZ6Fm+LAGJjHLFT26WUB7scB9hNJiBhbA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "10e706e52dfda585f96ddc00b1544edf7d9b9f87", "rev": "d46737f11841872e7980b1550511802db85c52b8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -40,11 +40,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1681759395, "lastModified": 1682817260,
"narHash": "sha256-7aaRtLxLAy8qFVIA26ulB+Q5nDVzuQ71qi0s0wMjAws=", "narHash": "sha256-kFMXzKNj4d/0Iqbm5l57rHSLyUeyCLMuvlROZIuuhvk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", "rev": "db1e4eeb0f9a9028bcb920e00abbc1409dd3ef36",
"type": "github" "type": "github"
}, },
"original": { "original": {

View File

@ -28,8 +28,8 @@ in
./minecraft.nix ./minecraft.nix
./prowlarr.nix ./prowlarr.nix
./libreddit.nix ./libreddit.nix
./invidious.nix # ./invidious.nix
# ./lidarr.nix # ./lidarr.nix
# ./navidrome.nix # ./navidrome.nix
./jellyfin.nix ./jellyfin.nix
./prosody.nix ./prosody.nix
@ -37,9 +37,10 @@ in
#./calibre.nix #./calibre.nix
./docker.nix ./docker.nix
./keycloak.nix ./keycloak.nix
./runas.nix # ./runas.nix
./tailscale.nix ./tailscale.nix
./searx.nix # ./searx.nix
./plex.nix
]; ];
time.timeZone = "Europe/Rome"; time.timeZone = "Europe/Rome";

View File

@ -17,6 +17,12 @@ in
localise-queries localise-queries
min-cache-ttl=120 min-cache-ttl=120
max-cache-ttl=2400 max-cache-ttl=2400
expand-hosts
domain=runas.rocks
domain=giugl.io
domain=devs.runas.rocks
domain=devs.giugl.io
''; '';
}; };

View File

@ -24,7 +24,7 @@ in
enable = true; enable = true;
hostName = domain; hostName = domain;
https = true; https = true;
package = pkgs.unstablePkgs.nextcloud25; package = pkgs.unstablePkgs.nextcloud26;
datadir = "/services/nextcloud"; datadir = "/services/nextcloud";
caching = { caching = {
redis = true; redis = true;

View File

@ -1,16 +1,23 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
let let
domain = "media.giugl.io"; domain = "plex.giugl.io";
network = import ./network.nix; network = import ./network.nix;
port = 32400;
in in
{ {
architect.firewall = {
openTCP = [ 32400 3005 8324 32469 ];
openUDP = [ 1900 5353 32410 32412 32413 32414 ];
};
services.plex = { services.plex = {
enable = true; enable = true;
package = pkgs.unstablePkgs.plex; package = pkgs.unstablePkgs.plex;
dataDir = "/plex"; # dataDir = "/plex";
}; };
services.nginx = { services.nginx = {
enable = true; enable = true;
# give a name to the virtual host. It also becomes the server name. # give a name to the virtual host. It also becomes the server name.
@ -19,10 +26,6 @@ in
enableACME = true; enableACME = true;
http2 = true; http2 = true;
extraConfig = '' extraConfig = ''
allow 10.3.0.0/24;
allow 10.0.0.0/24;
deny all;
#Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause #Some players don't reopen a socket and playback stops totally instead of resuming after an extended pause
send_timeout 100m; send_timeout 100m;
@ -77,8 +80,10 @@ in
# Buffering off send to the client as soon as the data is received from Plex. # Buffering off send to the client as soon as the data is received from Plex.
proxy_redirect off; proxy_redirect off;
proxy_buffering off; proxy_buffering off;
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
''; '';
locations."/" = { proxyPass = "http://127.0.0.1:32400"; }; locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
}; };
}; };