diff options
| author | Linnnus <[email protected]> | 2025-03-16 01:33:22 +0100 |
|---|---|---|
| committer | Linnnus <[email protected]> | 2025-03-16 01:35:09 +0100 |
| commit | 54f49d20feebdf1df38ac33c575b322980a148dc (patch) | |
| tree | 179558be39ce8358ae8021380bdd13b9c23adc02 /hosts | |
| parent | 83f80c3236d6be8a0a8a29c5a9bd4c4761cdff14 (diff) | |
ahmed: Move torrenting webuis to local-only DNS view
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/ahmed/dns/default.nix | 2 | ||||
| -rw-r--r-- | hosts/ahmed/torrenting/reverse-proxy.nix | 50 |
2 files changed, 16 insertions, 36 deletions
diff --git a/hosts/ahmed/dns/default.nix b/hosts/ahmed/dns/default.nix index 35360f7..f590f2f 100644 --- a/hosts/ahmed/dns/default.nix +++ b/hosts/ahmed/dns/default.nix @@ -21,6 +21,8 @@ .internal:127.0.0.1:a =ahmed.internal:${metadata.hosts.ahmed.ipAddress} =muhammed.internal:${metadata.hosts.muhammed.ipAddress} + =jellyfin.internal:${metadata.hosts.ahmed.ipAddress} + =qbittorrent.internal:${metadata.hosts.ahmed.ipAddress} ''; }; diff --git a/hosts/ahmed/torrenting/reverse-proxy.nix b/hosts/ahmed/torrenting/reverse-proxy.nix index a829e5a..1cee18f 100644 --- a/hosts/ahmed/torrenting/reverse-proxy.nix +++ b/hosts/ahmed/torrenting/reverse-proxy.nix @@ -6,8 +6,7 @@ lib, ... }: let - baseDomain = "ulovlighacker.download"; - wwwDomain = "www.${baseDomain}"; + baseDomain = "internal"; qbDomain = "qbittorrent.${baseDomain}"; jellyfinDomain = "jellyfin.${baseDomain}"; @@ -31,33 +30,9 @@ in { }; }; - services.jellyfin.openFirewall = false; - # Use NGINX as a reverse proxy. services.nginx = { - virtualHosts."${baseDomain}" = { - enableACME = useACME; - forceSSL = useACME; - - serverAliases = [wwwDomain]; - - locations."/" = { - index = "index.html"; - root = pkgs.runCommand "${baseDomain}-portal" {inherit qbDomain jellyfinDomain;} '' - mkdir $out - - ${pkgs.xorg.lndir}/bin/lndir ${./portal} $out - - rm $out/index.html - substituteAll ${./portal/index.html} $out/index.html - ''; - }; - }; - virtualHosts.${qbDomain} = { - enableACME = useACME; - forceSSL = useACME; - locations."/" = { proxyPass = "http://localhost:${toString qbWebUiPort}"; recommendedProxySettings = true; @@ -65,9 +40,6 @@ in { }; virtualHosts.${jellyfinDomain} = { - enableACME = useACME; - forceSSL = useACME; - locations."/" = { # This is the "static port" of the HTTP web interface. # @@ -75,14 +47,20 @@ in { proxyPass = "http://localhost:8096"; recommendedProxySettings = true; }; + + # See: https://jellyfin.org/docs/general/networking/nginx + # See: https://nginx.org/en/docs/http/websocket.html + locations."/socket" = { + proxyPass = "http://localhost:8096"; + recommendedProxySettings = true; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + ''; + }; }; }; - # Register the domains with the DDNS client. - services.cloudflare-dyndns.domains = [ - baseDomain - wwwDomain - qbDomain - jellyfinDomain - ]; + # See also `hosts/ahmed/dns/default.nix`. } |