diff --git a/hosts/x86_64-linux/beleth/calibre-web.nix b/hosts/x86_64-linux/beleth/calibre-web.nix new file mode 100644 index 0000000..9b10a28 --- /dev/null +++ b/hosts/x86_64-linux/beleth/calibre-web.nix @@ -0,0 +1,10 @@ +{config, lib, ...}: +{ + services.calibre-web = { + enable = true; + options = { + enableBookUploading = true; + # calibreLibrary = "/home/xqtc/ebooks"; + }; + }; +} diff --git a/hosts/x86_64-linux/beleth/default.nix b/hosts/x86_64-linux/beleth/default.nix index 225a08d..4f1298c 100644 --- a/hosts/x86_64-linux/beleth/default.nix +++ b/hosts/x86_64-linux/beleth/default.nix @@ -10,46 +10,12 @@ with lib; { ./hardware-configuration.nix ./monitoring.nix ./jellyfin.nix + ./calibre-web.nix + ./transmission.nix + ./lanrarari.nix + ../../gc.nix ]; - # users.users.nginx.extraGroups = ["acme"]; - - # services.nginx = { - # enable = true; - # package = pkgs.nginxQuic; - # - # recommendedGzipSettings = true; - # recommendedOptimisation = true; - # recommendedProxySettings = true; - # recommendedTlsSettings = true; - # - # # sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; - # # sslProtocols = mkDefault "TLSv1.3"; - # - # clientMaxBodySize = mkDefault "128M"; - # commonHttpConfig = '' - # map $scheme $hsts_header { - # https "max-age=31536000; includeSubdomains; preload"; - # } - # add_header Strict-Transport-Security $hsts_header; - # add_header X-Content-Type-Options "nosniff" always; - # add_header X-XSS-Protection "1; mode=block" always; - # add_header X-Frame-Options "SAMEORIGIN" always; - # add_header Referrer-Policy "same-origin" always; - # ''; - # }; - # - # security.acme = { - # acceptTerms = true; - # defaults.email = "xqtc@tutanota.com"; - # defaults.keyType = "ec256"; - # # certs = { - # # # "heroin.trade" = {}; - # # "jellyfin.heroin.trade" = {}; - # # "grafana.heroin.trade" = {}; - # # }; - # }; - services.caddy = { enable = true; email = "xqtc@tutanota.com"; @@ -58,9 +24,16 @@ with lib; { root * /var/www/website/build/ file_server } + demos.heroin.trade { + root * /var/www/demos/ + file_server browse + } jellyfin.heroin.trade { reverse_proxy http://127.0.0.1:8096 } + calibre.heroin.trade { + reverse_proxy http://localhost:3000 + } grafana.heroin.trade { reverse_proxy http://127.0.0.1:2342 } @@ -121,6 +94,9 @@ with lib; { # Enable the OpenSSH daemon. services.openssh.enable = true; + services.resolved.enable = true; + services.mullvad-vpn.enable = true; + # Open ports in the firewall. networking.firewall.allowedTCPPorts = [22 80 443]; # networking.firewall.allowedUDPPorts = [443]; diff --git a/hosts/x86_64-linux/beleth/lanrarari.nix b/hosts/x86_64-linux/beleth/lanrarari.nix new file mode 100644 index 0000000..f412c5a --- /dev/null +++ b/hosts/x86_64-linux/beleth/lanrarari.nix @@ -0,0 +1,4 @@ +{config, pkgs, lib, ...}: +{ + services.lanraragi.enable = true; +} diff --git a/hosts/x86_64-linux/beleth/monitoring.nix b/hosts/x86_64-linux/beleth/monitoring.nix index 520d4bd..9b28cda 100644 --- a/hosts/x86_64-linux/beleth/monitoring.nix +++ b/hosts/x86_64-linux/beleth/monitoring.nix @@ -8,7 +8,7 @@ enable = true; port = 2342; addr = "127.0.0.1"; - domain = "grafan.heroin.trade"; + domain = "grafana.heroin.trade"; }; services.prometheus = { diff --git a/hosts/x86_64-linux/beleth/transmission.nix b/hosts/x86_64-linux/beleth/transmission.nix new file mode 100644 index 0000000..212cf79 --- /dev/null +++ b/hosts/x86_64-linux/beleth/transmission.nix @@ -0,0 +1,6 @@ +{config, lib, ...}: +{ + services.transmission = { + enable = true; + }; +}