muon/flake
1
0
Fork 0
mirror of https://codeberg.org/muon/home.git synced 2025-12-06 08:07:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of codeberg.org:muon/home

Browse source
This commit is contained in:
muon 2025-01-27 20:12:06 +00:00
commit dba927cf49
5 changed files with 10 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/muho/configuration.nix
View file

@ -38,6 +38,7 @@ in {
mods.server.homebox.enable = true; mods.server.homebox.enable = true;
mods.server.share.enable = true; mods.server.share.enable = true;
mods.server.vault.enable = true; mods.server.vault.enable = true;
mods.server.git.enable = true;
mods.tailscale.enable = true; mods.tailscale.enable = true;
mods.wireguard.id = 3; mods.wireguard.id = 3;

3
hosts/ports.nix
View file

@ -2,9 +2,10 @@
mods.server.nginx.ports = { mods.server.nginx.ports = {
photos = 3001; photos = 3001;
homebox = 3002; homebox = 3002;
git = 3003; # immich-machine-learning = 3003;
share = 3004; share = 3004;
vault = 3005; vault = 3005;
git = 3006;
search = 8081; search = 8081;
videos = 8082; videos = 8082;

1
modules/nixos/server/default.nix
View file

@ -16,5 +16,6 @@
./homebox.nix ./homebox.nix
./share.nix ./share.nix
./vault.nix ./vault.nix
./git.nix
]; ];
} }

4
modules/nixos/server/git.nix
View file

@ -15,13 +15,13 @@ in with lib; {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.forgejo = { services.forgejo = {
enable = true; enable = true;
stateDir = "/srv/forgejo";
lfs.enable = true; lfs.enable = true;
settings.server = { settings.server = {
HTTP_ADDR = "0.0.0.0"; HTTP_ADDR = "0.0.0.0";
HTTP_PORT = port; HTTP_PORT = port;
SSH_PORT = 91722; SSH_PORT = 22917;
DOMAIN = "git.muon.host"; DOMAIN = "git.muon.host";
ROOT_URL = "https://git.muon.host";
}; };
}; };
}; };

5
modules/nixos/server/nginx.nix
View file

@ -53,7 +53,7 @@ in with lib; {
# add_header Strict-Transport-Security $hsts_header; # add_header Strict-Transport-Security $hsts_header;
# Enable CSP for your services. # Enable CSP for your services.
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
# Minimize information leaked to other domains # Minimize information leaked to other domains
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
@ -69,6 +69,9 @@ in with lib; {
# required when the server wants to use HTTP Authentication # required when the server wants to use HTTP Authentication
proxy_pass_header Authorization; proxy_pass_header Authorization;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
''; '';
virtualHosts = let virtualHosts = let