DerGrumpf/cyper-nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added exported NPM config; Added cyper-proxy host currently unused do to a dispute with 1Blu

Browse Source
This commit is contained in:
DerGrumpf
2026-04-21 22:12:01 +02:00
parent cfe0c19bf6
commit 2aa0257f0d
4 changed files with 202 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.nix
View File

@@ -157,6 +157,12 @@
isServer = true; isServer = true;
}; };
"cyper-proxy" = mkSystem {
hostName = "cyper-proxy";
system = "x86_64-linux";
isServer = true;
};
"cyper-node-1" = mkSystem { "cyper-node-1" = mkSystem {
hostName = "cyper-node-1"; hostName = "cyper-node-1";
system = "x86_64-linux"; system = "x86_64-linux";

30
hosts/cyper-proxy/configuration.nix Normal file
View File

@@ -0,0 +1,30 @@
{
imports = [
./hardware-configuration.nix
../../nixos/roles/nginx.nix
];
networking = {
hostName = "cyper-proxy";
useNetworkd = true;
useDHCP = false;
firewall.enable = true;
};
systemd.network = {
enable = true;
networks."10-venet" = {
matchConfig.Name = "venet0";
networkConfig = {
Address = "178.254.8.35/24";
DNS = "178.254.16.141 178.254.16.151";
DHCP = "no";
};
routes = [
{ routeConfig.Destination = "0.0.0.0/0"; }
];
};
};
system.stateVersion = "26.05";
}

24
hosts/cyper-proxy/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,24 @@
{ lib, modulesPath, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd.availableKernelModules = [ ];
initrd.kernelModules = [ ];
kernelModules = [ ];
extraModulePackages = [ ];
loader.grub.enable = false;
};
fileSystems."/" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "ext4";
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

142
nixos/roles/nginx.nix Normal file
View File

@@ -0,0 +1,142 @@
{ ... }:
{
networking.firewall.allowedTCPPorts = [
80
443
];
security.acme = {
acceptTerms = true;
defaults.email = "your@email.de";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts = {
"git.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:9000";
};
};
"www.cyperpunk.de" = {
enableACME = true;
locations = {
"/" = {
proxyPass = "http://100.109.179.25:15005";
proxyWebsockets = true;
};
"/grafana" = {
proxyPass = "http://100.109.179.25:2342";
proxyWebsockets = true;
};
};
};
"search.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:11080";
};
};
"vault.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:8222";
proxyWebsockets = true;
};
};
"file.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:10000";
};
};
"calvin.cyperpunk.de" = {
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:15006";
};
};
"cyperpunk.de" = {
forceSSL = true;
enableACME = true;
http2 = true;
extraConfig = ''
client_max_body_size 50m;
'';
locations."/" = {
proxyPass = "http://100.109.179.25:8008";
proxyWebsockets = true;
};
};
"matrix.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
http2 = true;
extraConfig = ''
client_max_body_size 50m;
'';
locations."/" = {
proxyPass = "http://100.109.179.25:8008";
proxyWebsockets = true;
};
};
"cinny.cyperpunk.de" = {
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:8009";
proxyWebsockets = true;
};
};
"element.cyperpunk.de" = {
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:8010";
proxyWebsockets = true;
};
};
"fluffy.cyperpunk.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://100.109.179.25:8012";
proxyWebsockets = true;
};
};
"livekit.cyperpunk.de" = {
enableACME = true;
locations = {
"/" = {
proxyPass = "http://192.168.64.1:7880";
proxyWebsockets = true;
};
"/_matrix/livekit/jwt" = {
proxyPass = "http://192.168.64.1:8080";
proxyWebsockets = true;
};
};
};
};
};
}