This commit is contained in:
m3tam3re 2025-03-14 17:32:08 +01:00
parent 39782b6eb9
commit 779473317d
5 changed files with 117 additions and 18 deletions

View File

@ -3,8 +3,9 @@
./baserow.nix ./baserow.nix
./ghost.nix ./ghost.nix
./littlelink.nix ./littlelink.nix
./matomo.nix
./n8n.nix ./n8n.nix
./restreamer.nix # ./restreamer.nix
./slash.nix ./slash.nix
]; ];
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter '' system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''

View File

@ -0,0 +1,33 @@
{
virtualisation.oci-containers.containers."matomo" = {
image = "docker.io/matomo:latest";
ports = ["127.0.0.1:3011:80"];
volumes = ["matomo_data:/var/www/html"];
environment = {
MATOMO_DATABASE_HOST = "mysql";
MATOMO_DATABASE_USERNAME = "matomo";
MATOMO_DATABASE_PASSWORD = "matomo";
MATOMO_DATABASE_DBNAME = "matomo";
MYSQL_DATABASE = "matomo";
PHP_MEMORY_LIMIT = "2048M";
};
extraOptions = ["--add-host=mysql:10.89.0.1" "--ip=10.89.0.15" "--network=web"];
};
# Traefik configuration specific to ghost
services.traefik.dynamicConfigOptions.http = {
services.matomo.loadBalancer.servers = [
{
url = "http://localhost:3011/";
}
];
routers.matomo = {
rule = "Host(`stats.nemoti.com`)";
tls = {
certResolver = "godaddy";
};
service = "matomo";
entrypoints = "websecure";
};
};
}

View File

@ -2,12 +2,35 @@
virtualisation.oci-containers.containers."restreamer" = { virtualisation.oci-containers.containers."restreamer" = {
image = "docker.io/datarhei/restreamer:latest"; image = "docker.io/datarhei/restreamer:latest";
environmentFiles = [config.age.secrets.restreamer-env.path]; environmentFiles = [config.age.secrets.restreamer-env.path];
ports = ["127.0.0.1:3006:8080" "1935:1935" "1936:1936"]; # Modified ports to include RTMPS
ports = [
"127.0.0.1:3006:8080"
"127.0.0.1:1935:1935"
"127.0.0.1:1945:1945"
];
volumes = ["restreamer_data:/restreamer/db"]; volumes = ["restreamer_data:/restreamer/db"];
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"];
}; };
# Traefik configuration specific to baserow
services.traefik.dynamicConfigOptions.http = { # Traefik configuration
services.traefik = {
# Add static configuration for entry points
staticConfigOptions = {
entryPoints = {
websecure = {
address = ":443";
};
rtmp = {
address = ":1935";
};
rtmps = {
address = ":1945";
};
};
};
dynamicConfigOptions = {
http = {
services.restreamer.loadBalancer.servers = [ services.restreamer.loadBalancer.servers = [
{ {
url = "http://localhost:3006/"; url = "http://localhost:3006/";
@ -20,7 +43,46 @@
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "restreamer"; service = "restreamer";
entrypoints = "websecure"; entrypoints = ["websecure"];
}; };
}; };
tcp = {
services = {
rtmp-service.loadBalancer.servers = [
{
address = "localhost:1935";
}
];
rtmps-service.loadBalancer.servers = [
{
address = "localhost:1945";
}
];
};
routers = {
rtmp = {
rule = "HostSNI(`*`)"; # Changed to accept all SNI
service = "rtmp-service";
entryPoints = ["rtmp"];
};
rtmps = {
rule = "HostSNI(`stream.m3tam3re.com`)";
service = "rtmps-service";
entryPoints = ["rtmps"];
tls = {
certResolver = "godaddy";
passthrough = false;
};
};
};
};
};
};
# Firewall configuration
networking.firewall = {
allowedTCPPorts = [80 443 1935 1945];
};
} }

View File

@ -9,9 +9,6 @@
initialScript = pkgs.writeText "initial-script.sql" '' initialScript = pkgs.writeText "initial-script.sql" ''
CREATE USER 'ghost'@'10.89.%' IDENTIFIED BY 'ghost'; CREATE USER 'ghost'@'10.89.%' IDENTIFIED BY 'ghost';
GRANT ALL PRIVILEGES ON ghost.* TO 'ghost'@'10.89.%'; GRANT ALL PRIVILEGES ON ghost.* TO 'ghost'@'10.89.%';
CREATE USER 'matomo'@'10.89.%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'10.89.%';
''; '';
}; };
services.mysqlBackup = { services.mysqlBackup = {

View File

@ -26,6 +26,12 @@
scheme = "https"; scheme = "https";
}; };
}; };
rtmp = {
address = ":1935";
};
rtmps = {
address = ":1945";
};
websecure = {address = ":443";}; websecure = {address = ":443";};
}; };
}; };