diff options
author | Ben Sima <ben@bsima.me> | 2021-05-16 07:32:48 -0400 |
---|---|---|
committer | Ben Sima <ben@bsima.me> | 2021-11-26 13:47:35 -0500 |
commit | bcf8845b10b99ed63925c73cd160102d6ec55096 (patch) | |
tree | cb86d52e33eb9b5fa3a8dfbc267e8b8356dc4df4 | |
parent | 9ce6dbf7f2302f6260cc158e3915f1bc6ca8f6b2 (diff) |
Add radicale service and organize ports
-rw-r--r-- | Biz/Cloud/Networking.nix | 10 | ||||
-rw-r--r-- | Biz/Cloud/Ports.nix | 13 | ||||
-rw-r--r-- | Biz/Cloud/Web.nix | 31 |
3 files changed, 40 insertions, 14 deletions
diff --git a/Biz/Cloud/Networking.nix b/Biz/Cloud/Networking.nix index 5165280..fa41650 100644 --- a/Biz/Cloud/Networking.nix +++ b/Biz/Cloud/Networking.nix @@ -1,14 +1,7 @@ { lib, config, ... }: let - ports = { - ssh = 22; - git = 9418; - http = 80; - https = 443; - sabten = 8080; - gemini = 1965; - }; + ports = import ./Ports.nix; in { networking = { firewall = { @@ -19,6 +12,7 @@ in { ports.https ports.sabten ports.gemini + ports.radicale ]; }; nameservers = [ diff --git a/Biz/Cloud/Ports.nix b/Biz/Cloud/Ports.nix new file mode 100644 index 0000000..66016ec --- /dev/null +++ b/Biz/Cloud/Ports.nix @@ -0,0 +1,13 @@ +{ + ssh = 22; + git = 9418; + http = 80; + https = 443; + sabten = 8080; + hoogle = 8008; + gemini = 1965; + devalloc = 8095; + radicale = 5232; + jellyfin = 8096; + dandel-rovbur = 8080; +} diff --git a/Biz/Cloud/Web.nix b/Biz/Cloud/Web.nix index 65968ce..2a47fc1 100644 --- a/Biz/Cloud/Web.nix +++ b/Biz/Cloud/Web.nix @@ -3,13 +3,25 @@ let rootDomain = config.networking.domain; bensIp = "199.26.245.64"; + ports = import ./Ports.nix; in { services = { + radicale = { + enable = true; + config = '' + [server] + hosts = 0.0.0.0:${toString ports.radicale}, [::]:${toString ports.radicale} + [auth] + type = htpasswd + htpasswd_filename = /etc/radicale/users + htpasswd_encryption = plain + ''; + }; gmnisrv = { enable = true; settings = { - listen = "0.0.0.0:1965 [::]:1965"; + listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}"; ":tls" = { store = "/var/lib/gmnisrv"; }; "bsima.me" = { "root" = "/srv/www/ben"; @@ -90,31 +102,37 @@ in }; "hoogle.${rootDomain}" = { - locations."/".proxyPass = "http://${bensIp}:8008"; + locations."/".proxyPass = "http://${bensIp}:${toString ports.hoogle}"; forceSSL = true; useACMEHost = rootDomain; }; "tv.${rootDomain}" = { - locations."/".proxyPass = "http://${bensIp}:8096"; # emby runs on port 8096 + locations."/".proxyPass = "http://${bensIp}:${toString ports.jellyfin}"; + forceSSL = true; + useACMEHost = rootDomain; + }; + + "cal.${rootDomain}" = { + locations."/".proxyPass = "http://localhost:${toString ports.radicale}"; forceSSL = true; useACMEHost = rootDomain; }; "devalloc.io" = { - locations."/".proxyPass = "http://${bensIp}:8095"; + locations."/".proxyPass = "http://${bensIp}:${toString ports.devalloc}"; forceSSL = true; useACMEHost = rootDomain; }; "dandel-rovbur.${rootDomain}" = { - locations."/".proxyPass = "http://${bensIp}:8080"; + locations."/".proxyPass = "http://${bensIp}:${toString ports.dandel-rovbur}"; forceSSL = true; useACMEHost = rootDomain; }; "sabten.${rootDomain}" = { - locations."/".proxyPass = "http://localhost:8080"; + locations."/".proxyPass = "http://localhost:${toString ports.sabten}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -147,5 +165,6 @@ in "hoogle.${rootDomain}" "dandel-rovbur.${rootDomain}" "sabten.${rootDomain}" + "cal.${rootDomain}" ];# } |