Merge remote-tracking branch 'refs/remotes/origin/main'

hosts/mups/configuration.nix

@@ -75,43 +75,40 @@ in {
       forceSSL = true;
       locations."/" = {proxyPass = "http://10.0.0.3:5001";};
     };
-    "seedbox.muon.host" = {
+    "stream.muon.host" = {
       forceSSL = true;
       enableACME = true;
       locations = {
         "/" = {
           proxyPass = "http://10.0.0.3:3013";
         };
-        "/api" = {
+        "/api/" = {
           proxyPass = "http://10.0.0.3:3014";
           extraConfig =
             #sh
             ''
-              limit_req zone=api burst=20 nodelay;
-
               # CORS headers
-              add_header Access-Control-Allow-Origin "*" always;
+              # add_header Access-Control-Allow-Origin "*" always;
-              add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+              # add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
-              add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization" always;
+              # add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization" always;
-              add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
+              # add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
 
               # Handle preflight requests
-              if ($request_method = 'OPTIONS') {
+              # if ($request_method = 'OPTIONS') {
-                  add_header Access-Control-Allow-Origin "*";
+              #     add_header Access-Control-Allow-Origin "*";
-                  add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
+              #     add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
-                  add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
+              #     add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
-                  add_header Content-Type text/plain;
+              #     add_header Content-Type text/plain;
-                  add_header Content-Length 0;
+              #     add_header Content-Length 0;
-                  return 204;
+              #     return 204;
-              }
+              # }
             '';
         };
-        "/api/stream" = {
+        "/api/stream/" = {
           proxyPass = "http://10.0.0.3:3014";
           extraConfig =
             #sh
             ''
-              limit_req zone=download burst=10 nodelay;
               proxy_set_header Range $http_range;
 
               # Streaming optimizations

modules/nixos/core/network.nix

@@ -76,7 +76,7 @@ in
             "10.0.0.${toString wg.id}/24"
             "fdc9:281f:04d7:9ee9::${toString wg.id}/64"
           ];
-          # dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
+          dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
           mtu = 1500;
           privateKeyFile = "/home/muon/wireguard-keys/private";
 

modules/nixos/server/containers/seedbox.nix

@@ -17,13 +17,9 @@ in
       };
     };
 
-    config =
+    config = mkIf cfg.enable {
-      mkIf config.mods.server.nginx.enable {
-      }
-      // mkIf cfg.enable {
       networking.firewall = {
         allowedTCPPorts = [port bport];
-          allowedUDPPorts = [port bport];
       };
 
       # Runtime
@@ -41,7 +37,7 @@ in
           "seedbox-lite_seedbox_data:/app/data:rw"
         ];
         ports = [
-            "${toString bport}:3001/tcp"
+          "${toString bport}:3000/tcp"
         ];
         log-driver = "journald";
         extraOptions = [