Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Cloonar:4969520222f22d0ba9dcf76e3a329c197e6a3504
Branches Tags
Cloonar:master
...
compare: Cloonar:0df4a4c1ec6f5188fa1b8b4e41eb8bc9a38f4549
Branches Tags
Cloonar:master

2 Commits
4969520222 ... 0df4a4c1ec

Author SHA1 Message Date
Dominik Polakovics
0df4a4c1ec fix: update Firefox Sync configuration and proxy settings for improved functionality 2025-06-01 22:10:04 +02:00
Dominik Polakovics
365d15767b feat: add Firefox Sync module and update DNS settings for sync.cloonar.com 2025-06-01 17:01:12 +02:00
5 changed files with 27 additions and 41 deletions
Expand all files Collapse all files

2
hosts/fw/configuration.nix
View File

@@ -47,7 +47,7 @@
# ha customers # ha customers
./modules/ha-customers ./modules/ha-customers
# ./modules/firefox-sync.nix ./modules/firefox-sync.nix
# home assistant # home assistant
./modules/home-assistant ./modules/home-assistant

1
hosts/fw/modules/dnsmasq.nix
View File

@@ -125,6 +125,7 @@
"/web.hilgenberg-gmbh.de/91.107.197.169" "/web.hilgenberg-gmbh.de/91.107.197.169"
# gaming # gaming
"/foundry-vtt.cloonar.com/${config.networkPrefix}.97.5" "/foundry-vtt.cloonar.com/${config.networkPrefix}.97.5"
"/sync.cloonar.com/${config.networkPrefix}.97.5"
"/deconz.cloonar.multimedia/${config.networkPrefix}.97.22" "/deconz.cloonar.multimedia/${config.networkPrefix}.97.22"

54
hosts/fw/modules/firefox-sync.nix
View File

@@ -1,8 +1,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
domain = "sync.cloonar.com"; domain = "sync.cloonar.com";
networkPrefix = config.networkPrefix;
in { in {
sops.secrets.firefox-sync = { }; sops.secrets.firefox-sync = {
mode = "0777";
};
security.acme.certs."${domain}" = { security.acme.certs."${domain}" = {
group = "nginx"; group = "nginx";
@@ -14,68 +17,41 @@ in {
privateNetwork = true; privateNetwork = true;
hostBridge = "server"; hostBridge = "server";
hostAddress = "${config.networkPrefix}.97.1"; hostAddress = "${config.networkPrefix}.97.1";
localAddress = "${config.networkPrefix}.97.51/24"; localAddress = "${config.networkPrefix}.97.6/24";
bindMounts = { bindMounts = {
"/run/secrets/firefox-sync" = { "/run/secrets/firefox-sync" = {
hostPath = "/run/secrets/firefox-sync"; hostPath = "/run/secrets/firefox-sync";
isReadOnly = true; isReadOnly = true;
}; };
"/var/lib/acme/${domain}/" = {
hostPath = "${config.security.acme.certs.${domain}.directory}";
isReadOnly = true;
};
}; };
config = { lib, config, pkgs, ... }: { config = { lib, config, pkgs, ... }: {
networking = { networking = {
hostName = "firefox-sync"; hostName = "firefox-sync";
useHostResolvConf = false; useHostResolvConf = false;
defaultGateway = { defaultGateway = {
address = "${config.networkPrefix}.97.1"; address = "${networkPrefix}.97.1";
interface = "eth0"; interface = "eth0";
}; };
firewall.enable = false; nameservers = [ "${networkPrefix}.97.1" ];
nameservers = [ "${config.networkPrefix}.97.1" ];
};
services.nginx.enable = true;
services.nginx.virtualHosts."${domain}" = {
sslCertificate = "/var/lib/acme/${domain}/fullchain.pem";
sslCertificateKey = "/var/lib/acme/${domain}/key.pem";
sslTrustedCertificate = "/var/lib/acme/${domain}/chain.pem";
listen = [
{
addr = "0.0.0.0";
ssl = true;
port = 5000;
}
];
locations."/" = {
proxyPass = "http://localhost:5001/";
recommendedProxySettings = true;
};
}; };
services.mysql.package = pkgs.mariadb; services.mysql.package = pkgs.mariadb;
services.firefox-syncserver = { services.firefox-syncserver = {
enable = true; enable = true;
settings.host = "0.0.0.0";
singleNode = { singleNode = {
enable = true; enable = true;
enableNginx = false; hostname = "0.0.0.0";
hostname = domain; url = "https://${domain}";
};
settings = {
port = 5001;
tokenserver.enable = true;
}; };
secrets = "/run/secrets/firefox-sync"; secrets = "/run/secrets/firefox-sync";
logLevel = "trace"; logLevel = "debug";
}; };
services.openssh.enable = true; networking.firewall = {
users.users.root.openssh.authorizedKeys.keys = [ enable = true;
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN/2SAFm50kraB1fepAizox/QRXxB7WbqVbH+5OPalDT47VIJGNKOKhixQoqhABHxEoLxdf/C83wxlCVlPV9poLfDgVkA3Lyt5r3tSFQ6QjjOJAgchWamMsxxyGBedhKvhiEzcr/Lxytnoz3kjDG8fqQJwEpdqMmJoMUfyL2Rqp16u+FQ7d5aJtwO8EUqovhMaNO7rggjPpV/uMOg+tBxxmscliN7DLuP4EMTA/FwXVzcFNbOx3K9BdpMRAaSJt4SWcJO2cS2KHA5n/H+PQI7nz5KN3Yr/upJN5fROhi/SHvK39QOx12Pv7FCuWlc+oR68vLaoCKYhnkl3DnCfc7A7" allowedTCPPorts = [ 5000 ];
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRQuPqH5fdX3KEw7DXzWEdO3AlUn1oSmtJtHB71ICoH Generated By Termius" };
];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
}; };

9
hosts/fw/modules/web/proxies.nix
View File

@@ -16,4 +16,13 @@
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
services.nginx.virtualHosts."sync.cloonar.com" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
locations."/" = {
proxyPass = "http://${config.networkPrefix}.97.6:5000";
recommendedProxySettings = true;
};
};
} }

2
hosts/nb/users/dominik.nix
View File

@@ -72,7 +72,7 @@ let
"devtools.toolbox.host" = "right"; "devtools.toolbox.host" = "right";
"browser.uiCustomization.state" = "{\"placements\":{\"widget-overflow-fixed-list\":[],\"unified-extensions-area\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"downloads-button\",\"screenshot-button\",\"ublock0_raymondhill_net-browser-action\",\"jid1-mnnxcxisbpnsxq_jetpack-browser-action\",\"_d634138d-c276-4fc8-924b-40a0ea21d284_-browser-action\",\"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action\",\"_testpilot-containers-browser-action\",\"unified-extensions-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"firefox-view-button\",\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"import-button\",\"personal-bookmarks\"]},\"seen\":[\"save-to-pocket-button\",\"_d634138d-c276-4fc8-924b-40a0ea21d284_-browser-action\",\"_testpilot-containers-browser-action\",\"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action\",\"ublock0_raymondhill_net-browser-action\",\"jid1-mnnxcxisbpnsxq_jetpack-browser-action\",\"developer-button\"],\"dirtyAreaCache\":[\"unified-extensions-area\",\"nav-bar\",\"PersonalToolbar\"],\"currentVersion\":20,\"newElementCount\":3}"; "browser.uiCustomization.state" = "{\"placements\":{\"widget-overflow-fixed-list\":[],\"unified-extensions-area\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"urlbar-container\",\"downloads-button\",\"screenshot-button\",\"ublock0_raymondhill_net-browser-action\",\"jid1-mnnxcxisbpnsxq_jetpack-browser-action\",\"_d634138d-c276-4fc8-924b-40a0ea21d284_-browser-action\",\"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action\",\"_testpilot-containers-browser-action\",\"unified-extensions-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"firefox-view-button\",\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"import-button\",\"personal-bookmarks\"]},\"seen\":[\"save-to-pocket-button\",\"_d634138d-c276-4fc8-924b-40a0ea21d284_-browser-action\",\"_testpilot-containers-browser-action\",\"_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action\",\"ublock0_raymondhill_net-browser-action\",\"jid1-mnnxcxisbpnsxq_jetpack-browser-action\",\"developer-button\"],\"dirtyAreaCache\":[\"unified-extensions-area\",\"nav-bar\",\"PersonalToolbar\"],\"currentVersion\":20,\"newElementCount\":3}";
"signon.rememberSignons" = false; "signon.rememberSignons" = false;
"identity.sync.tokenserver.uri" = "https://sync.cloonar.com:5000/token/1.0/sync/1.5"; "identity.sync.tokenserver.uri" = "https://sync.cloonar.com/1.0/sync/1.5";
# "toolkit.legacyUserProfileCustomizations.stylesheets" = true; # "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"layout.css.devPixelsPerPx" = "1.5"; "layout.css.devPixelsPerPx" = "1.5";
"media.ffmpeg.vaapi.enabled" = true; "media.ffmpeg.vaapi.enabled" = true;