From 222f1e92dbc10aa389f712ae0d345befe4e5423f Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 22 Feb 2023 07:27:10 +0100 Subject: l orange.r: add coms service, proxy via neoprism.r --- lass/2configs/services/coms/proxy.nix | 41 +++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 lass/2configs/services/coms/proxy.nix (limited to 'lass/2configs/services/coms/proxy.nix') diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix new file mode 100644 index 000000000..57e132151 --- /dev/null +++ b/lass/2configs/services/coms/proxy.nix @@ -0,0 +1,41 @@ +{ config, lib, pkgs, ... }: +let + tcpports = [ + 4443 # jitsi + 64738 # murmur + ]; + udpports = [ + 10000 # jitsi + 64738 # murmur + ]; + target = "orange.r"; +in +{ + networking.firewall.allowedTCPPorts = tcpports; + networking.firewall.allowedUDPPorts = udpports; + services.nginx.streamConfig = '' + ${lib.concatMapStringsSep "\n" (port: '' + server { + listen ${toString port}; + proxy_pass ${target}:${toString port}; + } + '') tcpports} + ${lib.concatMapStringsSep "\n" (port: '' + server { + listen ${toString port} udp; + proxy_pass ${target}:${toString port}; + } + '') udpports} + ''; + + services.nginx.virtualHosts."jitsi.lassul.us" = { + enableACME = true; + acmeFallbackHost = "${target}"; + addSSL = true; + locations."/" = { + recommendedProxySettings = true; + proxyWebsockets = true; + proxyPass = "http://${target}"; + }; + }; +} -- cgit v1.2.3