geekygays
/
nixconf
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: geekygays:9f129b47775cf89c6c6188c5c8df3975f420a621
Branches Tags
geekygays:main
geekygays:magrathea
geekygays:orange
geekygays:bigscreen
geekygays:moonrock
geekygays:xen
...
compare: geekygays:d53239d9679a61966ea5e11cf4be06b19e1111f4
Branches Tags
geekygays:main
geekygays:magrathea
geekygays:orange
geekygays:bigscreen
geekygays:moonrock
geekygays:xen

2 Commits
9f129b4777 ... d53239d967

Author SHA1 Message Date
Bailey d53239d967 Adds nginx web proxy to pegasi. 2024-03-30 01:22:08 +00:00
Bailey b37c8a0f84 Open syncthing port on pegasi 2024-03-30 01:22:08 +00:00
1 changed files with 27 additions and 2 deletions
Show Stats Expand all files Collapse all files

29
systems/x86_64-linux/pegasi/default.nix
View File

@ -44,6 +44,27 @@
gg.users.admins = [ "mtxyz" "hive" "sasha" ];
security.acme = {
acceptTerms = true;
defaults.email = "acme.acct@mtxyz.me";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."mc.0w0.club" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
extraConfig = ''
proxy_ssl_server_name on;
'';
};
};
};
# NFS config
users.users.anon = {
isSystemUser = true;
@ -68,8 +89,12 @@
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 42069 ];
allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ];
# Syncthing - 22000
# NFS - 111 2049 4000 4001 4002 20048
# Podman - 42069/tcp
# Nginx - 80/tcp 443/tcp
allowedTCPPorts = [ 22000 111 2049 4000 4001 4002 20048 42069 80 443 ];
allowedUDPPorts = [ 22000 111 2049 4000 4001 4002 20048 ];
};
# Sets up ZFS mounts for homedirs and nfs mounts.