diff --git a/flake.lock b/flake.lock index ebb9fd2..3503813 100755 --- a/flake.lock +++ b/flake.lock @@ -124,11 +124,11 @@ ] }, "locked": { - "lastModified": 1770318660, - "narHash": "sha256-yFVde8QZK7Dc0Xa8eQDsmxLX4NJNfL1NKfctSyiQgMY=", + "lastModified": 1771037579, + "narHash": "sha256-NX5XuhGcsmk0oEII2PEtMRgvh2KaAv3/WWQsOpxAgR4=", "owner": "nix-community", "repo": "home-manager", - "rev": "471e6a065f9efed51488d7c51a9abbd387df91b8", + "rev": "05e6dc0f6ed936f918cb6f0f21f1dad1e4c53150", "type": "github" }, "original": { @@ -182,11 +182,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1769302137, - "narHash": "sha256-QEDtctEkOsbx8nlFh4yqPEOtr4tif6KTqWwJ37IM2ds=", + "lastModified": 1770882871, + "narHash": "sha256-nw5g+xl3veea+maxJ2/81tMEA/rPq9aF1H5XF35X+OE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a351494b0e35fd7c0b7a1aae82f0afddf4907aa8", + "rev": "af04cb78aa85b2a4d1c15fc7270347e0d0eda97b", "type": "github" }, "original": { @@ -206,11 +206,11 @@ ] }, "locked": { - "lastModified": 1769217863, - "narHash": "sha256-RY9kJDXD6+2Td/59LkZ0PFSereCXHdBX9wIkbYjRKCY=", + "lastModified": 1770657009, + "narHash": "sha256-v/LA5ZSJ+JQYzMSKB4sySM0wKfsAqddNzzxLLnbsV/E=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "38a5250e57f583662eac3b944830e4b9e169e965", + "rev": "5b50ea1aaa14945d4794c80fcc99c4aa1db84d2d", "type": "github" }, "original": { @@ -222,11 +222,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1770169770, - "narHash": "sha256-awR8qIwJxJJiOmcEGgP2KUqYmHG4v/z8XpL9z8FnT1A=", + "lastModified": 1770843696, + "narHash": "sha256-LovWTGDwXhkfCOmbgLVA10bvsi/P8eDDpRudgk68HA8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "aa290c9891fa4ebe88f8889e59633d20cc06a5f2", + "rev": "2343bbb58f99267223bc2aac4fc9ea301a155a16", "type": "github" }, "original": { @@ -238,11 +238,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1770399603, - "narHash": "sha256-m71il0j9Q8gt2Y0mskoXBTugdhP6lvC+CqfG2qgGt58=", + "lastModified": 1771056776, + "narHash": "sha256-0l776LxthDY08ujQ1h83k9z6K5vBg1bGc415AWeFOOI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f282aecd2b049a5a5e66c204d85fadf06463b2b2", + "rev": "d22fe1660f1f1ccbd52c9d2c09e92fe3861dd691", "type": "github" }, "original": { @@ -254,11 +254,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1770136044, - "narHash": "sha256-tlFqNG/uzz2++aAmn4v8J0vAkV3z7XngeIIB3rM3650=", + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e576e3c9cf9bad747afcddd9e34f51d18c855b4e", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", "type": "github" }, "original": { @@ -275,11 +275,11 @@ ] }, "locked": { - "lastModified": 1770398074, - "narHash": "sha256-MSOnwHi3BJu6xbBJZOMGA+Xhw1mTAJMJfnc/IopCzz4=", + "lastModified": 1771045170, + "narHash": "sha256-esBQIlClWRgYYvtYW27N79fCbOUkuFj3gxwJrb8WFX4=", "owner": "noctalia-dev", "repo": "noctalia-shell", - "rev": "4449ba25f83393d5f3fec2547b6d99e99bdc9451", + "rev": "92612c09a9dce53d5dd60e53f066160f1cdf13b4", "type": "github" }, "original": { @@ -340,11 +340,11 @@ ] }, "locked": { - "lastModified": 1769956244, + "lastModified": 1770766818, "narHash": "sha256-12RCFLyAedyMOdenUi7cN3ioJPEGjA/ZG1BLjugfUVs=", "owner": "nix-community", "repo": "plasma-manager", - "rev": "fe54ea85c6e4413fba03b84d50f2b431d2f7c831", + "rev": "44b928068359b7d2310a34de39555c63c93a2c90", "type": "github" }, "original": { @@ -383,11 +383,11 @@ ] }, "locked": { - "lastModified": 1770145881, - "narHash": "sha256-ktjWTq+D5MTXQcL9N6cDZXUf9kX8JBLLBLT0ZyOTSYY=", + "lastModified": 1770683991, + "narHash": "sha256-xVfPvXDf9QN3Eh9dV+Lw6IkWG42KSuQ1u2260HKvpnc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "17eea6f3816ba6568b8c81db8a4e6ca438b30b7c", + "rev": "8b89f44c2cc4581e402111d928869fe7ba9f7033", "type": "github" }, "original": { @@ -446,11 +446,11 @@ }, "zeroq-credentials": { "locked": { - "lastModified": 1767550838, - "narHash": "sha256-AExKXIA9d66V8JGYKqaw5o+xxQR/v4b8omAqgSGHYyg=", + "lastModified": 1771353173, + "narHash": "sha256-uTLQzud01UGJo3ZZ4LG8ku3RHyo0M8YeBdLRMtB7yDY=", "ref": "refs/heads/master", - "rev": "5df30a8ba769e4039768f27cfae6666006903dc4", - "revCount": 72, + "rev": "c07dd5f1fe91646604db115bfcd0baaf1dc0bbb9", + "revCount": 73, "type": "git", "url": "ssh://git@github.com/oqyude/zeroq-credentials.git" }, diff --git a/modules/essentials/settings.nix b/modules/essentials/settings.nix index c3637b8..a989dc0 100644 --- a/modules/essentials/settings.nix +++ b/modules/essentials/settings.nix @@ -30,7 +30,7 @@ stalled-download-timeout = 4; connect-timeout = 4; auto-optimise-store = true; - # fallback = true; + fallback = true; # allow-import-from-derivation = false; # keep-derivations = true; # keep-outputs = true; diff --git a/modules/vds/3x-ui.nix b/modules/vds/3x-ui.nix index ac583ca..3d75ee3 100644 --- a/modules/vds/3x-ui.nix +++ b/modules/vds/3x-ui.nix @@ -10,7 +10,10 @@ # Runtime virtualisation.podman = { enable = true; - autoPrune.enable = true; + autoPrune = { + enable = true; + flags = [ "--all" ]; + }; dockerCompat = true; }; @@ -23,11 +26,19 @@ "${matchAll}".allowedUDPPorts = [ 53 ]; }; + networking.firewall = { + allowedTCPPorts = [ + 14380 + ]; + allowedUDPPorts = [ + 14380 + ]; + }; virtualisation.oci-containers.backend = "podman"; # Containers virtualisation.oci-containers.containers."3xui_app" = { - image = "localhost:7443/compose2nix/3xui_app"; + image = "ghcr.io/mhsanaei/3x-ui:latest"; environment = { "XRAY_VMESS_AEAD_FORCED" = "false"; "XUI_ENABLE_FAIL2BAN" = "true"; diff --git a/modules/vds/containers.nix b/modules/vds/containers.nix new file mode 100644 index 0000000..494db3a --- /dev/null +++ b/modules/vds/containers.nix @@ -0,0 +1,16 @@ +{ + config, + pkgs, + inputs, + ... +}: +{ + imports = [ + ./3x-ui.nix + ]; + + environment.systemPackages = with pkgs; [ + compose2nix + podman-tui + ]; +} diff --git a/modules/vds/default.nix b/modules/vds/default.nix index a949097..60f36d1 100644 --- a/modules/vds/default.nix +++ b/modules/vds/default.nix @@ -4,7 +4,7 @@ }: { imports = [ - ./docker.nix + ./containers.nix # ../services/uptime-kuma.nix # ./netbird.nix ./nginx.nix diff --git a/modules/vds/docker.nix b/modules/vds/docker.nix deleted file mode 100644 index c6f8844..0000000 --- a/modules/vds/docker.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - pkgs, - inputs, - ... -}: -{ - imports = [ - # ./3x-ui.nix - ]; - - # virtualisation = { - # docker.enable = true; - # }; - - environment.systemPackages = [ - # inputs.compose2nix.packages.x86_64-linux.default - ]; -} diff --git a/modules/vds/nginx.nix b/modules/vds/nginx.nix index 75434da..f37c4a5 100644 --- a/modules/vds/nginx.nix +++ b/modules/vds/nginx.nix @@ -33,6 +33,20 @@ in ''; }; }; + "x.zeroq.ru" = { + forceSSL = true; + enableACME = true; + locations = { + "/" = { + proxyPass = "http://localhost:2053"; + proxyWebsockets = true; + }; + "/subs/" = { + proxyPass = "http://localhost:2096"; + proxyWebsockets = true; + }; + }; + }; "kuma.zeroq.ru" = { forceSSL = true; enableACME = true;