voronind/nix
0
0
Fork 0
Code Issues 40 Pull requests Packages Projects Releases Wiki Activity

Status : Fix proxy access.

Browse source
This commit is contained in:
Dmitry Voronin 2024-06-23 16:21:40 +03:00
parent 6e0acf9132
commit f1e37c8c3d
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
22 changed files with 28 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
container/Status.nix
View file

@ -19,6 +19,7 @@ in {
container.config.dns.address container.config.dns.address
]; ];
}; };
services.uptime-kuma = { services.uptime-kuma = {
enable = true; enable = true;
settings = { settings = {

13
container/default.nix
View file

@ -8,14 +8,14 @@
, ... }: { , ... }: {
inherit host; inherit host;
mkContainer = config: cfg: lib.recursiveUpdate cfg { mkContainer = config: cfg: lib.recursiveUpdate {
autoStart = true; autoStart = true;
hostAddress = host; hostAddress = host;
localAddress = config.address; localAddress = config.address;
privateNetwork = true; privateNetwork = true;
}; } cfg;
mkContainerConfig = config: cfg: lib.recursiveUpdate cfg { mkContainerConfig = config: cfg: lib.recursiveUpdate {
nixpkgs.pkgs = lib.mkForce pkgs; nixpkgs.pkgs = lib.mkForce pkgs;
system.stateVersion = const.stateVersion; system.stateVersion = const.stateVersion;
@ -29,13 +29,13 @@
useHostResolvConf = lib.mkForce false; useHostResolvConf = lib.mkForce false;
firewall.enable = false; firewall.enable = false;
}; };
}; } cfg;
mkContainerDir = cfg: dirs: map (path: "d '${cfg.storage}/${path}' 1777 root root - -") dirs; mkContainerDir = cfg: dirs: map (path: "d '${cfg.storage}/${path}' 1777 root root - -") dirs;
mkServer = cfg: lib.recursiveUpdate cfg { mkServer = cfg: lib.recursiveUpdate {
forceSSL = false; forceSSL = false;
}; } cfg;
attachMedia = type: paths: ro: builtins.listToAttrs (lib.imap0 (i: path: attachMedia = type: paths: ro: builtins.listToAttrs (lib.imap0 (i: path:
{ {
@ -69,6 +69,7 @@
}; };
ddns = { ddns = {
address = "10.1.0.31"; address = "10.1.0.31";
port = 53;
storage = "${storage}/ddns"; storage = "${storage}/ddns";
}; };
dns = { dns = {

1
container/proxy/host/Camera.nix
View file

@ -7,6 +7,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
return 301 rtsp://${cfg.address}:${cfg.port}/live/main; return 301 rtsp://${cfg.address}:${cfg.port}/live/main;

1
container/proxy/host/Change.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;

1
container/proxy/host/Cloud.nix
View file

@ -9,6 +9,7 @@ in {
location ~ ^/(settings/admin|settings/users|settings/apps|login|api) { location ~ ^/(settings/admin|settings/users|settings/apps|login|api) {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Download.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Git.nix
View file

@ -30,6 +30,7 @@ in {
location / { location / {
# allow ${container.localAccess}; # allow ${container.localAccess};
# allow ${container.config.status.address};
# allow ${container.config.vpn.address}; # allow ${container.config.vpn.address};
# deny all; # deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Hdd.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Home.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Iot.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;

1
container/proxy/host/Mail.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Office.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
# allow ${container.localAccess}; # allow ${container.localAccess};
# allow ${container.config.status.address};
# allow ${container.config.vpn.address}; # allow ${container.config.vpn.address};
# deny all; # deny all;
add_header X-Forwarded-Proto https; add_header X-Forwarded-Proto https;

1
container/proxy/host/Paper.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Pass.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Print.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;

1
container/proxy/host/Printer.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Read.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Router.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Search.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Stock.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Watch.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;
proxy_pass http://''$${name}$request_uri; proxy_pass http://''$${name}$request_uri;

1
container/proxy/host/Yt.nix
View file

@ -9,6 +9,7 @@ in {
location / { location / {
allow ${container.localAccess}; allow ${container.localAccess};
allow ${container.config.status.address};
allow ${container.config.vpn.address}; allow ${container.config.vpn.address};
deny all; deny all;