diff --git a/hosts/muho/configuration.nix b/hosts/muho/configuration.nix index e7ec3f5..199d2e9 100644 --- a/hosts/muho/configuration.nix +++ b/hosts/muho/configuration.nix @@ -19,8 +19,7 @@ in { mods.theme.enable = true; mods.theme.scheme = "woodland"; - mods.server.media.enable = true; - + mods.server.photos.enable = true; mods.server.search.enable = true; mods.tailscale.enable = true; diff --git a/hosts/mups/configuration.nix b/hosts/mups/configuration.nix index 58b49b5..9b81da0 100644 --- a/hosts/mups/configuration.nix +++ b/hosts/mups/configuration.nix @@ -33,11 +33,8 @@ in { mods.server.sync.address = "100.85.27.29"; mods.server.sync.port = "8385"; - mods.server.media.enable = false; - mods.server.photoprism.enable = false; - - mods.server.wireguard.enable = true; mods.server.headscale.enable = false; + mods.server.wireguard.enable = true; mods.server.nginx.enable = true; # Use the GRUB 2 boot loader. diff --git a/modules/nixos/core/network.nix b/modules/nixos/core/network.nix index 50f112e..15d7776 100644 --- a/modules/nixos/core/network.nix +++ b/modules/nixos/core/network.nix @@ -30,8 +30,8 @@ in with lib; { # udev 250 doesn't reliably reinitialize devices after restart systemd.services.systemd-udevd.restartIfChanged = false; - systemd.services.NetworkManager-wait-online.enable = lib.mkForce false; - systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false; + # systemd.services.NetworkManager-wait-online.enable = lib.mkForce false; + # systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false; services.tailscale.enable = cfg.tailscale.enable; diff --git a/modules/nixos/server/media.nix b/modules/nixos/server/media.nix index 7c39742..b2c090d 100644 --- a/modules/nixos/server/media.nix +++ b/modules/nixos/server/media.nix @@ -1,27 +1,50 @@ -{ pkgs, lib, config, ... }: { - options.mods.server.media = { - enable = lib.mkEnableOption { - default = false; - description = "enables media related servers"; +{ pkgs, lib, config, ... }: +let + cfg = config.mods.server; + port = 2283; +in with lib; { + options.mods.server = { + videos = { + enable = mkEnableOption { + default = false; + description = "enables jellyfin server"; + }; + }; + + photos = { + enable = mkEnableOption { + default = false; + description = "enables immich server"; + }; }; }; - config = lib.mkIf config.mods.server.media.enable { - services.jellyfin = { + config = { + services.jellyfin = mkIf cfg.videos.enable { enable = true; openFirewall = true; user = "${config.mods.user.name}"; }; - services.immich = { + # mods.server.nginx.ports.photos = port; + services.nginx.virtualHosts."photos.muon.host" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.0.0.3:${toString port}"; + proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = + # required when the server wants to use HTTP Authentication + "proxy_pass_header Authorization;"; + }; + }; + services.immich = mkIf cfg.photos.enable { enable = true; openFirewall = true; host = "0.0.0.0"; - # user = "${config.mods.user.name}"; + port = port; }; - - users.users.immich.extraGroups = [ "video" "render" ]; - - mods.server.nginx.hosts."photos" = 2283; + users.users.immich = + mkIf cfg.photos.enable { extraGroups = [ "video" "render" ]; }; }; } diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix index 812447f..b686260 100644 --- a/modules/nixos/server/nginx.nix +++ b/modules/nixos/server/nginx.nix @@ -20,7 +20,7 @@ in with lib; { default = "muon.host"; }; - hosts = mkOption { + ports = mkOption { type = types.attrsOf (types.ints.u16); default = { }; }; @@ -71,21 +71,18 @@ in with lib; { proxy_pass_header Authorization; ''; - virtualHosts = let - base = locations: { - inherit locations; + # virtualHosts = let + # base = locations: { + # inherit locations; - forceSSL = true; - enableACME = true; - }; - proxy = port: - base { - "/".proxyPass = cfg.ip + toString port + "/"; - default = true; - }; - in mapAttrs' - (name: port: nameValuePair ("${name}.${cfg.domain}") (proxy port)) - cfg.hosts; + # forceSSL = true; + # enableACME = true; + # }; + # proxy = port: + # base { "/".proxyPass = "http://${cfg.ip}:${toString port}/"; }; + # in mapAttrs' (name: port: + # nameValuePair ("${name}.${cfg.domain}") + # (proxy port // { default = true; })) cfg.ports; }; }; } diff --git a/modules/nixos/server/search.nix b/modules/nixos/server/search.nix index a08507c..9f03c15 100644 --- a/modules/nixos/server/search.nix +++ b/modules/nixos/server/search.nix @@ -2,36 +2,39 @@ let inherit (lib) types mkOption mkEnableOption; cfg = config.mods.server.search; + port = 8081; in { options.mods.server.search = { enable = mkEnableOption { default = false; description = "enables search engine server"; }; - - port = mkOption { - type = types.port; - default = 8081; - }; - - nginx = mkOption { - type = types.nullOr types.str; - default = "search"; - }; }; config = { + # mods.server.nginx.ports.search = port; + services.nginx.virtualHosts."search.muon.host" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.0.0.3:${toString port}"; + proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = + # required when the server wants to use HTTP Authentication + "proxy_pass_header Authorization;"; + }; + }; services.searx = lib.mkIf cfg.enable { enable = true; - runInUwsgi = true; - uwsgiConfig = { - disable-logging = true; - http = ":${toString cfg.port}"; - }; + # runInUwsgi = true; + # uwsgiConfig = { + # disable-logging = true; + # http = ":${toString port}"; + # }; settings = { - server.port = cfg.port; + server.port = port; server.bind_address = "0.0.0.0"; server.secret_key = "temporary-before-sops"; @@ -43,6 +46,5 @@ in { }; }; }; - }; }