From e93bdf20a34c91a3ab95c30ce6312f7a89de292e Mon Sep 17 00:00:00 2001 From: m3tam3re Date: Sat, 15 Mar 2025 14:23:47 +0100 Subject: [PATCH] restreamer setup --- .../m3-atlas/services/containers/default.nix | 2 +- hosts/m3-atlas/services/containers/matomo.nix | 24 +++++++++---- .../services/containers/restreamer.nix | 29 +++++---------- hosts/m3-atlas/services/mysql.nix | 4 ++- hosts/m3-atlas/services/traefik.nix | 4 ++- secrets/restreamer-env.age | 36 +++++++++---------- 6 files changed, 50 insertions(+), 49 deletions(-) diff --git a/hosts/m3-atlas/services/containers/default.nix b/hosts/m3-atlas/services/containers/default.nix index 6231b0d..6489a82 100644 --- a/hosts/m3-atlas/services/containers/default.nix +++ b/hosts/m3-atlas/services/containers/default.nix @@ -5,7 +5,7 @@ ./littlelink.nix ./matomo.nix ./n8n.nix - # ./restreamer.nix + ./restreamer.nix ./slash.nix ]; system.activationScripts.createPodmanNetworkWeb = lib.mkAfter '' diff --git a/hosts/m3-atlas/services/containers/matomo.nix b/hosts/m3-atlas/services/containers/matomo.nix index 4560cfc..79d003b 100644 --- a/hosts/m3-atlas/services/containers/matomo.nix +++ b/hosts/m3-atlas/services/containers/matomo.nix @@ -11,7 +11,7 @@ MYSQL_DATABASE = "matomo"; PHP_MEMORY_LIMIT = "2048M"; }; - extraOptions = ["--add-host=mysql:10.89.0.1" "--ip=10.89.0.15" "--network=web"]; + extraOptions = ["--add-host=mysql:10.89.0.1" "--ip=10.89.0.16" "--network=web"]; }; # Traefik configuration specific to ghost services.traefik.dynamicConfigOptions.http = { @@ -21,13 +21,23 @@ } ]; - routers.matomo = { - rule = "Host(`stats.nemoti.com`)"; - tls = { - certResolver = "godaddy"; + routers = { + matomo-nemoti = { + rule = "Host(`stats.nemoti.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "matomo"; + entrypoints = "websecure"; + }; + matomo-m3tam3re = { + rule = "Host(`stats.m3tam3re.com`)"; + tls = { + certResolver = "godaddy"; + }; + service = "matomo"; + entrypoints = "websecure"; }; - service = "matomo"; - entrypoints = "websecure"; }; }; } diff --git a/hosts/m3-atlas/services/containers/restreamer.nix b/hosts/m3-atlas/services/containers/restreamer.nix index 83ffbf8..4a86875 100644 --- a/hosts/m3-atlas/services/containers/restreamer.nix +++ b/hosts/m3-atlas/services/containers/restreamer.nix @@ -4,31 +4,18 @@ environmentFiles = [config.age.secrets.restreamer-env.path]; # Modified ports to include RTMPS ports = [ - "127.0.0.1:3006:8080" - "127.0.0.1:1935:1935" - "127.0.0.1:1945:1945" + "127.0.0.1:3006:8080" # Web UI + "127.0.0.1:1936:1935" # RTMP + ]; + volumes = [ + "restreamer_data:/core/data" + "restreamer_config:/core/config" ]; - volumes = ["restreamer_data:/restreamer/db"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"]; }; # Traefik configuration services.traefik = { - # Add static configuration for entry points - staticConfigOptions = { - entryPoints = { - websecure = { - address = ":443"; - }; - rtmp = { - address = ":1935"; - }; - rtmps = { - address = ":1945"; - }; - }; - }; - dynamicConfigOptions = { http = { services.restreamer.loadBalancer.servers = [ @@ -51,12 +38,12 @@ services = { rtmp-service.loadBalancer.servers = [ { - address = "localhost:1935"; + address = "localhost:1936"; } ]; rtmps-service.loadBalancer.servers = [ { - address = "localhost:1945"; + address = "localhost:1936"; } ]; }; diff --git a/hosts/m3-atlas/services/mysql.nix b/hosts/m3-atlas/services/mysql.nix index 0bcd657..54afe9a 100644 --- a/hosts/m3-atlas/services/mysql.nix +++ b/hosts/m3-atlas/services/mysql.nix @@ -9,7 +9,9 @@ initialScript = pkgs.writeText "initial-script.sql" '' CREATE USER 'ghost'@'10.89.%' IDENTIFIED BY 'ghost'; GRANT ALL PRIVILEGES ON ghost.* TO 'ghost'@'10.89.%'; - ''; + + CREATE USER 'matomo'@'10.89.%' IDENTIFIED BY 'matomo'; + GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'10.89.%'; ''; }; services.mysqlBackup = { enable = true; diff --git a/hosts/m3-atlas/services/traefik.nix b/hosts/m3-atlas/services/traefik.nix index a54df2a..dabd529 100644 --- a/hosts/m3-atlas/services/traefik.nix +++ b/hosts/m3-atlas/services/traefik.nix @@ -32,7 +32,9 @@ rtmps = { address = ":1945"; }; - websecure = {address = ":443";}; + websecure = { + address = ":443"; + }; }; }; dynamicConfigOptions = { diff --git a/secrets/restreamer-env.age b/secrets/restreamer-env.age index b15406d..275aaa3 100644 --- a/secrets/restreamer-env.age +++ b/secrets/restreamer-env.age @@ -1,21 +1,21 @@ age-encryption.org/v1 --> ssh-ed25519 4NLKrw +fDbZ8PGMC76pLG7dhGLdauk0nKmKQHhtYO3Rx3FXGQ -lWWB6D+219qf80vLd/stL3SpHnAraq81itJJrbBejB0 --> ssh-ed25519 5kwcsA 1+aNJYD8G/7KoU8p/uUTt0DuZi9iEa4sXolUXRRQuwg -EArLBr6A/ESfHt+ep6CyxY3K81/xpvZ5jmheSR3K6tc --> ssh-ed25519 9d4YIQ UOAcFvPcIU7HcH72s+lbiIgvLpBLbhCqfaqY29xxiGI -GzIQXAhS420geZXLHfOupo9fHI9K404PfcpwgeIb/9s --> ssh-ed25519 3Bcr1w z39Qerm6t4t/lvfKS1IBn+711weBSuXA9Aa6KyjZ+Sw -V1cwhlfasjftrNonhtf32NS/9HKYW4xw3dRLYtug/Uc +-> ssh-ed25519 4NLKrw ujol4VLzOhJQkOLACge18IshC59mKHSYtkrl2sEGc3U +G7Dje5m+l2LVvLXsP2dxI3zlg0ik8781/mQHM3FVPYU +-> ssh-ed25519 5kwcsA cCSwI5ONGu9JlzfPEdd+fr3fdtRZMVUucEQ9FGIK8EA ++iLecJaAv7uJ3hgwkQqLh4S9u18r2oy8ZAwiajVRYhE +-> ssh-ed25519 9d4YIQ kHP8FhCx52peMGRQ8A0qmTEf1X3sGzraqR+sYaqJmnc +YQ1mGHRD4viHfIyIDBuvGQHsyi3M9z12RNWvQD3ibuo +-> ssh-ed25519 3Bcr1w bB1R7kZRTmlsj6oMAuTTcVHwUgY5QqydLpzYGXUe7BY +ARhxY2AUp5DYgsq31gYwiDNj+bA4s03ctBxl6ipONHQ -> ssh-rsa DQlE7w -k+W3+5KMiGuuE3klExo/E8UmZRdgX5MpKKKMuE4V4AvJV0iaQaWKn26/xMK4Apa6 -g6/nIuKq9qjOwXpjaynzZlcwmnknspZNiMloFJDTHVllebRG5M2XkUs+b0jMWAtW -mIZNC7xSBaLnK+9Yo8U635EtzKgDYti7FTV6lsTyIk7rvBPK6YCLu8MtltAtRc6I -sSjn/Kdzz38QJSXapx59T6X+lrG02SVuoBax1YMp5SPzTZEUKJMBoOmmi+T+nI6S -kQ/Ysv3VQsCrjdpnD2MlnHX5YGg1HSiMSnaA8uIsvXhdgTi/8f7yi/WnqJjOHUe/ -UuteiMWesfwdIz3Osm77ApLvKBm9F/nPoK3naaxzucOhFG5DGtt4bM5oj1yFBKw/ -4UTvHF3NWNfJBEW1kUnUM3UFupt+0STjC6Sm9GVZaDGIUb11e2KFC+CxOYGvYir9 -0lti0yU/uucKtO0eWDHeWI0XrJSvnF0JSIonJC3U7S2lagqiDJDJBKYPC4hz2nOD +oVCEFSMqyvoWY0SkJZOENUDgmvNsaCdfna6QYGvQQTh/XC563ODIj0WiED6AAQqw +N/FxPdGdbsew3BCOB0pyvsOmv9ql8/cpiSAM8J6SMw78/9e+ri3F6PVKbTEY9aXP +Ds8uttbjozy5kWJcZf5dGfB5BXW2v/6WRo9PUOUUapJgJqKXD5hjthcOurXoj2B6 +qQXAWr+hYwy8saQWItD6hOGNKbYzqkAXOBkwSRvdmXpc9e75yUw7KPHHng8QrrYj +/gM28qBo6cyT8cEsV/6XRo4LxzqCGiCqup+YpY80Jxk46hh7O1rMXW/IjeHww27f +CzwIdi37IE9QCviuuGjqn7kbKkg9jhcPKbktfNF+9urUDnCvoYT8umH8bfRa/wSB +VVqIzpjYjA0NrIqRfon1dK/LsTgKSeExOsb8wQDS4rpvX/Yqm0lBfmYJ7DaBmwpj +XTpOyn1wGu4/cgFz9BO6WEhrxXum/67UXGwxisV3pmGXLIHqshMkgYjGl6gvUe0C ---- TWONtoVHZagq3ARx1odevztc6jQD2BfW2mnqGqNV8rY -¥}iŒP#¤Ò\Sº’ˆ¢7šÍhø— {†¡a-äŸä…ÅÖ¤3P³4˜Xæ¿<ÍeþÕQî0xûN‚z‹Ÿl¸Z–\©‹4,,’°j ¦à©Žþ \ No newline at end of file +--- QM3r5pYRyC4nnhf/dO/zFwzwye1pgLNOKOPAowdYQBM +f›vósömΠšÇñÖð{+ö—?価{}5Ýý@ \ No newline at end of file