Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: fw some changes

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2026-01-18 20:41:00 +01:00
parent 694c11bcd5
commit edbf5dcbbc
3 changed files with 33 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
hosts/fw/modules/ddclient.nix
View File

@@ -9,13 +9,18 @@
passwordFile = config.sops.secrets.ddclient.path;
zone = "cloonar.com";
domains = [
"fw.cloonar.com"
"vpn.cloonar.com"
"git.cloonar.com"
"palworld.cloonar.com"
"matrix.cloonar.com"
"audiobooks.cloonar.com"
"element.cloonar.com"
"tinder.cloonar.com"
"foundry-vtt.cloonar.com"
"foundry-ha.cloonar.com"
"fw.cloonar.com"
"git.cloonar.com"
"jellyfin.cloonar.com"
"matrix.cloonar.com"
"palworld.cloonar.com"
"support.cloonar.com"
"sync.cloonar.com"
"vpn.cloonar.com"
];
};

1
hosts/fw/modules/dnsmasq.nix
View File

@@ -137,6 +137,7 @@
# multimedia
"/dl.cloonar.com/${config.networkPrefix}.97.5"
"/jellyfin.cloonar.com/${config.networkPrefix}.97.5"
"/audiobooks.cloonar.com/${config.networkPrefix}.97.5"
"/deconz.cloonar.multimedia/${config.networkPrefix}.97.22"

30
hosts/fw/modules/web/proxies.nix
View File

@@ -57,15 +57,6 @@
enableACME = true;
acmeRoot = null;
# Restrict to internal LAN only
extraConfig = ''
allow ${config.networkPrefix}.96.0/24;
allow ${config.networkPrefix}.97.0/24;
allow ${config.networkPrefix}.98.0/24;
allow ${config.networkPrefix}.99.0/24;
deny all;
'';
locations."/" = {
proxyPass = "http://${config.networkPrefix}.97.11:8096";
proxyWebsockets = true;
@@ -82,4 +73,25 @@
'';
};
};
services.nginx.virtualHosts."audiobooks.cloonar.com" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
locations."/" = {
proxyPass = "http://${config.networkPrefix}.97.11:13378";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering for better streaming performance
proxy_buffering off;
'';
};
};
}