teidesu/nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(koi): local access to webdav share

Browse source
This commit is contained in:
alina 🌸 2024-09-19 15:05:13 +03:00
parent e5897c194b
commit fbd32e7003
Signed by: teidesu
SSH key fingerprint: SHA256:uNeCpw6aTSU4aIObXLvHfLkDa82HWH9EiOj9AXOIRpI
3 changed files with 44 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosts/koi/configuration.nix
View file

@ -12,6 +12,7 @@
./partials/fde.nix ./partials/fde.nix
./partials/docker.nix ./partials/docker.nix
./partials/avahi.nix
./services/coredns.nix ./services/coredns.nix
./services/sing-box.nix ./services/sing-box.nix

23
hosts/koi/containers/sftpgo/default.nix
View file

@ -4,6 +4,7 @@ let
secrets = import (abs "lib/secrets.nix"); secrets = import (abs "lib/secrets.nix");
UID = 1112; UID = 1112;
WEBDAV_PORT = 16821;
in { in {
imports = [ imports = [
(secrets.declare [{ (secrets.declare [{
@ -45,6 +46,9 @@ in {
environmentFiles = [ environmentFiles = [
(secrets.file config "sftpgo-env") (secrets.file config "sftpgo-env")
]; ];
ports = [
"${builtins.toString WEBDAV_PORT}:80"
];
}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
@ -52,7 +56,8 @@ in {
"d /srv/sftpgo/config 0700 ${builtins.toString UID} ${builtins.toString UID} -" "d /srv/sftpgo/config 0700 ${builtins.toString UID} ${builtins.toString UID} -"
]; ];
services.nginx.virtualHosts."puffer.stupid.fish" = { services.nginx.virtualHosts = {
"puffer.stupid.fish" = {
forceSSL = true; forceSSL = true;
useACMEHost = "stupid.fish"; useACMEHost = "stupid.fish";
@ -65,4 +70,20 @@ in {
proxyPass = "http://sftpgo.docker:80$request_uri"; proxyPass = "http://sftpgo.docker:80$request_uri";
}; };
}; };
};
networking.firewall.allowedTCPPorts = [ WEBDAV_PORT ];
services.avahi.extraServiceFiles.puffer-lan = ''
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name>puffer-lan</name>
<service>
<port>${builtins.toString WEBDAV_PORT}</port>
<type>_webdav._tcp</type>
<txt-record>path=/dav/</txt-record>
</service>
</service-group>
'';
} }

13
hosts/koi/partials/avahi.nix Normal file
View file

@ -0,0 +1,13 @@
{
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
publish = {
enable = true;
userServices = true;
};
allowInterfaces = [ "br0" ];
};
}