diff --git a/nixosConfigurations/hosts/server.nix b/nixosConfigurations/hosts/server.nix index ca439c4..923df1b 100755 --- a/nixosConfigurations/hosts/server.nix +++ b/nixosConfigurations/hosts/server.nix @@ -67,7 +67,7 @@ let }; systemd.tmpfiles.rules = [ - "z /mnt/services 0755 root root -" + "z ${xlib.dirs.services-mnt-folder} 0755 root root -" ]; services = { diff --git a/nixosModules/server/cloudflared.nix b/nixosModules/server/cloudflared.nix deleted file mode 100755 index e0409a3..0000000 --- a/nixosModules/server/cloudflared.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - config, - lib, - pkgs, - xlib, - ... -}: -{ - services = { - cloudflared = { - enable = false; - certificateFile = "${xlib.dirs.server-credentials}/cloudflared/cert.pem"; - tunnels = { - "58b340ee-e98a-4af9-b786-74600c71f49e" = { - credentialsFile = "${xlib.dirs.server-credentials}/cloudflared/server.json"; - warp-routing.enabled = true; - ingress = { - "immich.zeroq.ru" = { - service = "http://localhost:2283"; - }; - "nextcloud.zeroq.ru" = { - service = "http://localhost:10000"; - }; - }; - default = "http_status:404"; - }; - # "58b340ee-e98a-4af9-b786-74600c71f49e" = { - # credentialsFile = "${xlib.dirs.server-credentials}/cloudflared/server.json"; - # warp-routing.enabled = true; - # ingress = { - # "nextcloud.zeroq.ru" = { - # service = "http://localhost:10000"; - # }; - # }; - # default = "http_status:404"; - # }; - }; - }; - }; - - # users.users = { - # cloudflared = { - # group = "cloudflared"; - # isSystemUser = true; - # }; - # }; - # users.groups.cloudflared = { }; - # - # systemd.services.cloudflared = { - # after = [ - # "network.target" - # "network-online.target" - # ]; - # wants = [ - # "network.target" - # "network-online.target" - # ]; - # wantedBy = [ "multi-user.target" ]; - # serviceConfig = { - # ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate --config=${xlib.dirs.server-credentials}/cloudflared/config.yaml --origincert=${xlib.dirs.server-credentials}/cloudflared/cert.pem --credentials-file=${xlib.dirs.server-credentials}/cloudflared/server.json run"; - # Group = "root"; - # User = "root"; - # Restart = "on-failure"; - # }; - # }; - - environment = { - systemPackages = with pkgs; [ - cloudflared - ]; - }; -} diff --git a/nixosModules/server/default.nix b/nixosModules/server/default.nix index f9d3471..a30b72a 100755 --- a/nixosModules/server/default.nix +++ b/nixosModules/server/default.nix @@ -21,6 +21,5 @@ # ./open-webui.nix # ./trilium.nix # ./zerotier.nix - #./cloudflared.nix ]; } diff --git a/nixosModules/services/node-red.nix b/nixosModules/services/node-red.nix index 6e44150..0232113 100644 --- a/nixosModules/services/node-red.nix +++ b/nixosModules/services/node-red.nix @@ -8,5 +8,12 @@ { services.node-red = { enable = true; + port = 1880; + openFirewall = true; + userDir = "${xlib.dirs.services-mnt-folder}/node-red"; }; + + systemd.tmpfiles.rules = [ + "z ${xlib.dirs.services-mnt-folder}/node-red 0750 node-red node-red -" + ]; } diff --git a/nixosModules/vds/cloudflared.nix b/nixosModules/vds/cloudflared.nix deleted file mode 100755 index b428a56..0000000 --- a/nixosModules/vds/cloudflared.nix +++ /dev/null @@ -1,74 +0,0 @@ -{ - config, - pkgs, - inputs, - ... -}: -{ - services = { - cloudflared = { - enable = false; - certificateFile = "${inputs.zeroq-credentials}/services/cloudflared/cert.pem"; - tunnels = { - "58b340ee-e98a-4af9-b786-74600c71f49e" = { - credentialsFile = "${inputs.zeroq-credentials}/services/cloudflared/server.json"; - warp-routing.enabled = true; - ingress = { - "immich.zeroq.ru" = { - service = "http://sapphira.latxa-platy.ts.net:2283"; - }; - "nextcloud.zeroq.ru" = { - service = "http://sapphira.latxa-platy.ts.net:10000"; - }; - "llm.zeroq.ru" = { - service = "http://atoridu.latxa-platy.ts.net:11111"; - }; - }; - default = "http_status:404"; - }; - # "58b340ee-e98a-4af9-b786-74600c71f49e" = { - # credentialsFile = "${inputs.zeroq.dirs.server-credentials}/cloudflared/server.json"; - # warp-routing.enabled = true; - # ingress = { - # "nextcloud.zeroq.ru" = { - # service = "http://localhost:10000"; - # }; - # }; - # default = "http_status:404"; - # }; - }; - }; - }; - - # users.users = { - # cloudflared = { - # group = "cloudflared"; - # isSystemUser = true; - # }; - # }; - # users.groups.cloudflared = { }; - # - # systemd.services.cloudflared = { - # after = [ - # "network.target" - # "network-online.target" - # ]; - # wants = [ - # "network.target" - # "network-online.target" - # ]; - # wantedBy = [ "multi-user.target" ]; - # serviceConfig = { - # ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate --config=${inputs.zeroq.dirs.server-credentials}/cloudflared/config.yaml --origincert=${inputs.zeroq.dirs.server-credentials}/cloudflared/cert.pem --credentials-file=${inputs.zeroq.dirs.server-credentials}/cloudflared/server.json run"; - # Group = "root"; - # User = "root"; - # Restart = "on-failure"; - # }; - # }; - - environment = { - systemPackages = with pkgs; [ - cloudflared - ]; - }; -} diff --git a/nixosModules/vds/default.nix b/nixosModules/vds/default.nix index fba4eee..f1b1979 100755 --- a/nixosModules/vds/default.nix +++ b/nixosModules/vds/default.nix @@ -5,7 +5,7 @@ { imports = [ ./docker.nix - ./netbird.nix + # ./netbird.nix ./nginx.nix ./xray.nix ]; diff --git a/nixosModules/vds/nginx.nix b/nixosModules/vds/nginx.nix index dc47381..70df3bb 100755 --- a/nixosModules/vds/nginx.nix +++ b/nixosModules/vds/nginx.nix @@ -16,6 +16,18 @@ in recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { + "node-red.zeroq.ru" = { + forceSSL = true; + enableACME = true; + kTLS = true; + locations."/" = { + proxyPass = "http://${server}:1880"; + proxyWebsockets = true; + }; + extraConfig = '' + client_max_body_size 5G; + ''; + }; "flux.zeroq.ru" = { forceSSL = true; enableACME = true;