diff options
author | lassulus <lassulus@lassul.us> | 2021-09-10 09:22:08 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2021-09-10 09:22:08 +0200 |
commit | f2287d2024a5e3634ffb2115204aa4065afe2a4f (patch) | |
tree | 37fa9df369eb5a8768f8f85366e9b383e526ffc8 | |
parent | 9260452792d0b3722072f33940aebda3eafc128c (diff) |
l: add mumble.lassul.us for mumble-web
-rw-r--r-- | krebs/3modules/lass/default.nix | 1 | ||||
-rw-r--r-- | lass/1systems/prism/config.nix | 14 | ||||
-rw-r--r-- | lass/2configs/murmur.nix | 39 |
3 files changed, 41 insertions, 13 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index b19e2e6fc..7ad725cd8 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -47,6 +47,7 @@ in { radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + mumble 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6ce4332da..3a6ab25a4 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -276,19 +276,7 @@ with import <stockholm/lib>; { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } - { - services.murmur = { - enable = true; - bandwidth = 10000000; - registerName = "lassul.us"; - autobanTime = 30; - }; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} - { predicate = "-p udp --dport 64738"; target = "ACCEPT";} - ]; - - } + <stockholm/lass/2configs/murmur.nix> { systemd.services."container@yellow".reloadIfChanged = mkForce false; containers.yellow = { diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix new file mode 100644 index 000000000..9f325d0af --- /dev/null +++ b/lass/2configs/murmur.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: +{ + services.murmur = { + enable = true; + bandwidth = 10000000; + registerName = "lassul.us"; + autobanTime = 30; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} + { predicate = "-p udp --dport 64738"; target = "ACCEPT";} + ]; + + systemd.services.docker-mumble-web.serviceConfig = { + StandardOutput = lib.mkForce "journal"; + StandardError = lib.mkForce "journal"; + }; + virtualisation.oci-containers.containers.mumble-web = { + image = "rankenstein/mumble-web"; + environment = { + MUMBLE_SERVER = "lassul.us:64738"; + }; + ports = [ + "64739:8080" + ]; + }; + + services.nginx.virtualHosts."mumble.lassul.us" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + proxy_pass http://localhost:64739/; + proxy_set_header Accept-Encoding ""; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + ''; + }; +} |