rob/homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ergo, but not broken

Browse source
This commit is contained in:
Robert Perce 2026-02-12 23:22:18 -06:00
parent 5747872651
commit b9f585f170
2 changed files with 37 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

21
lxc-ergo.nix
View file

@ -21,7 +21,7 @@
networking.firewall.trustedInterfaces = [ "br-+" ]; networking.firewall.trustedInterfaces = [ "br-+" ];
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
6667 8067
6697 6697
443 443
80 80
@ -45,19 +45,18 @@
virtualHosts."irc.dukeceph.xyz" = { virtualHosts."irc.dukeceph.xyz" = {
addSSL = true; addSSL = true;
enableACME = true; enableACME = true;
locations."/webirc" = { root = "/var/www/html";
proxyPass = "http://unix:/run/ergo/websocket"; locations."/webirc".extraConfig = ''
proxyWebsockets = true; proxy_pass http://127.0.0.1:8067;
extraConfig = '' proxy_read_timeout 600s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 10m;
''; '';
}; };
}; };
};
users.groups."ergo" = { }; users.groups."ergo" = { };
users.users."ergo" = { users.users."ergo" = {
@ -85,8 +84,15 @@
key = "/etc/letsencrypt/live/irc.dukeceph.xyz/privkey.pem"; key = "/etc/letsencrypt/live/irc.dukeceph.xyz/privkey.pem";
}; };
}; };
":8067" = {
websocket = true;
}; };
}; };
secure-nets = [
"127.0.0.0/24"
"192.168.0.0/24"
];
};
oper-classes = { oper-classes = {
chat-moderator = { chat-moderator = {
title = "Chat Moderator"; title = "Chat Moderator";
@ -128,5 +134,6 @@
systemd.services.ergochat.serviceConfig.DynamicUser = lib.mkForce false; systemd.services.ergochat.serviceConfig.DynamicUser = lib.mkForce false;
systemd.services.ergochat.serviceConfig.User = "ergo"; systemd.services.ergochat.serviceConfig.User = "ergo";
systemd.services.ergochat.serviceConfig.Group = "ergo"; systemd.services.ergochat.serviceConfig.Group = "ergo";
systemd.services.ergochat.restartIfChanged = false;
}; };
} }

7
vm-homelab.nix
View file

@ -26,10 +26,6 @@ in
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts = { virtualHosts = {
"dukeceph.xyz".extraConfig = ''
root * /mnt/nfs/public
file_server browse
'';
"feed.rperce.net".extraConfig = '' "feed.rperce.net".extraConfig = ''
reverse_proxy http://192.168.0.5:8080 reverse_proxy http://192.168.0.5:8080
''; '';
@ -77,9 +73,6 @@ in
"irc.dukeceph.xyz".extraConfig = '' "irc.dukeceph.xyz".extraConfig = ''
reverse_proxy 192.168.0.8 reverse_proxy 192.168.0.8
''; '';
"irc.dukeceph.xyz/webirc".extraConfig = ''
reverse_proxy 192.168.0.8:8067
'';
}; };
}; };