swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: network overhaul

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-06-15 04:36:40 +02:00
parent 22fe55c284
commit ed15ef02bb
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
34 changed files with 1704 additions and 1037 deletions
Download patch file Download diff file Expand all files Collapse all files

38
modules/nixos/server/navidrome.nix
View file

@ -1,7 +1,14 @@
{ pkgs, config, lib, ... }:
let
serviceDomain = "sound.swarsel.win";
servicePort = 4040;
serviceName = "navidrome";
serviceUser = "navidrome";
serviceGroup = serviceUser;
in
{
options.swarselsystems.modules.server.navidrome = lib.mkEnableOption "enable navidrome on server";
config = lib.mkIf config.swarselsystems.modules.server.navidrome {
options.swarselsystems.modules.server."${serviceName}" = lib.mkEnableOption "enable ${serviceName} on server";
config = lib.mkIf config.swarselsystems.modules.server."${serviceName}" {
environment.systemPackages = with pkgs; [
pciutils
alsa-utils
@ -10,16 +17,16 @@
users = {
groups = {
navidrome = {
"$(serviceGroup}" = {
gid = 61593;
};
};
users = {
navidrome = {
"${serviceUser}" = {
isSystemUser = true;
uid = 61593;
group = "navidrome";
group = serviceGroup;
extraGroups = [ "audio" "utmp" "users" "pipewire" ];
};
};
@ -37,8 +44,8 @@
openFirewall = true;
settings = {
LogLevel = "debug";
Address = "127.0.0.1";
Port = 4040;
Address = "0.0.0.0";
Port = servicePort;
MusicFolder = "/Vault/Eternor/Music";
PlaylistsPath = "./Playlists";
EnableSharing = true;
@ -70,15 +77,22 @@
};
};
services.nginx = {
nodes.moonside.services.nginx = {
upstreams = {
"${serviceName}" = {
servers = {
"192.168.1.2:${builtins.toString servicePort}" = { };
};
};
};
virtualHosts = {
"sound.swarsel.win" = {
"${serviceDomain}" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:4040";
proxyPass = "http://navidrome";
proxyWebsockets = true;
extraConfig = ''
auth_request /oauth2/auth;
@ -125,7 +139,7 @@
'';
};
"/share" = {
proxyPass = "http://localhost:4040";
proxyPass = "http://navidrome";
proxyWebsockets = true;
extraConfig = ''
proxy_redirect http:// https://;
@ -139,7 +153,7 @@
'';
};
"/rest" = {
proxyPass = "http://localhost:4040";
proxyPass = "http://navidrome";
proxyWebsockets = true;
extraConfig = ''
proxy_redirect http:// https://;