Compare commits

...

2 Commits

Author SHA1 Message Date
df7e96e628 nixserver: Add nginx reverse proxy for 2024-08-06 08:17:57 -06:00
7705d42a05 Update config for nixserver 2024-08-05 19:13:44 -06:00
3 changed files with 66 additions and 21 deletions

34
flake.lock generated
View File

@ -23,16 +23,16 @@
]
},
"locked": {
"lastModified": 1715381426,
"narHash": "sha256-wPuqrAQGdv3ISs74nJfGb+Yprm23U/rFpcHFFNWgM94=",
"lastModified": 1720042825,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ab5542e9dbd13d0100f8baae2bc2d68af901f4b4",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.11",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
@ -44,11 +44,11 @@
]
},
"locked": {
"lastModified": 1715930644,
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
"lastModified": 1722936497,
"narHash": "sha256-UBst8PkhY0kqTgdKiR8MtTBt4c1XmjJoOV11efjsC/o=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
"rev": "a6c743980e23f4cef6c2a377f9ffab506568413a",
"type": "github"
},
"original": {
@ -60,11 +60,11 @@
"lf-icons": {
"flake": false,
"locked": {
"lastModified": 1715142021,
"narHash": "sha256-J58ZRN0nPqzzzkAENOQ6wbOdmGgk0ocp9JcTT0s7aa4=",
"lastModified": 1722900728,
"narHash": "sha256-jJhq6SkoJa0iciDJrTq7KVMbNyFE5XaDokXghun34qo=",
"owner": "gokcehan",
"repo": "lf",
"rev": "12e99fdb641565e3122ab62dce0b77e836aa69a4",
"rev": "b258d8fbf060e3db5f82825cf7c4186dfb10157f",
"type": "github"
},
"original": {
@ -94,16 +94,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1715948915,
"narHash": "sha256-dxMrggEogQuJQr6f02VAFtsSNtjEPkgxczeiyW7WOQc=",
"lastModified": 1722791413,
"narHash": "sha256-rCTrlCWvHzMCNcKxPE3Z/mMK2gDZ+BvvpEVyRM4tKmU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bacb8503d3a51d9e9b52e52a1ba45e2c380ad07d",
"rev": "8b5b6723aca5a51edf075936439d9cd3947b7b2c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"ref": "nixos-24.05",
"type": "indirect"
}
},
@ -124,11 +124,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1715961556,
"narHash": "sha256-+NpbZRCRisUHKQJZF3CT+xn14ZZQO+KjxIIanH3Pvn4=",
"lastModified": 1722813957,
"narHash": "sha256-IAoYyYnED7P8zrBFMnmp7ydaJfwTnwcnqxUElC1I26Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4a6b83b05df1a8bd7d99095ec4b4d271f2956b64",
"rev": "cb9a96f23c491c081b38eab96d22fa958043c9fa",
"type": "github"
},
"original": {

View File

@ -4,8 +4,8 @@
inputs = {
# Stable
nixpkgs.url = "nixpkgs/nixos-23.11";
home-manager.url = "github:nix-community/home-manager/release-23.11";
nixpkgs.url = "nixpkgs/nixos-24.05";
home-manager.url = "github:nix-community/home-manager/release-24.05";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# Unstable

View File

@ -26,8 +26,8 @@
# USB WiFi driver kernel module
boot.extraModulePackages = [ config.boot.kernelPackages.rtl8821au ];
boot.kernelModules = [ "8821au" "sg" ];
boot.extraModulePackages = [ config.boot.kernelPackages.rtl88xxau-aircrack ];
boot.kernelModules = [ "88XXau" "sg" ];
networking.hostName = "nixserver";
@ -102,6 +102,51 @@
openFirewall = true;
};
security.acme.acceptTerms = true;
security.acme.certs."owl.cam123.dev" = {
dnsResolver = "1.1.1.1:53";
dnsProvider = "cloudflare";
email = "cameron@cam123.dev";
environmentFile = "/var/acme/secrets/.env";
extraDomainNames = [ "jelly.cam123.dev" ];
};
services.nginx = {
enable = true;
virtualHosts = {
"jelly.cam123.dev" = {
forceSSL = true;
useACMEHost = "owl.cam123.dev";
locations."/" = {
proxyPass = "http://127.0.0.1:8096";
recommendedProxySettings = true;
};
};
"owl.cam123.dev" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
recommendedProxySettings = true;
};
};
};
};
virtualisation.oci-containers = {
backend = "docker";
containers.kitchenowl = {
image = "tombursch/kitchenowl:latest";
environmentFiles = [ /home/cameron/kitchenowl/.env ];
volumes = [ "/home/cameron/kitchenowl/data:/data" ];
ports = [ "8080:8080" ];
};
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];