{config, ...}: { virtualisation.oci-containers.containers."restreamer" = { image = "docker.io/datarhei/restreamer:latest"; environmentFiles = [config.age.secrets.restreamer-env.path]; # Modified ports to include RTMPS ports = [ "127.0.0.1:3006:8080" "127.0.0.1:1935:1935" "127.0.0.1:1945:1945" ]; volumes = ["restreamer_data:/restreamer/db"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"]; }; # Traefik configuration services.traefik = { # Add static configuration for entry points staticConfigOptions = { entryPoints = { websecure = { address = ":443"; }; rtmp = { address = ":1935"; }; rtmps = { address = ":1945"; }; }; }; dynamicConfigOptions = { http = { services.restreamer.loadBalancer.servers = [ { url = "http://localhost:3006/"; } ]; routers.restreamer = { rule = "Host(`stream.m3tam3re.com`)"; tls = { certResolver = "godaddy"; }; service = "restreamer"; entrypoints = ["websecure"]; }; }; tcp = { services = { rtmp-service.loadBalancer.servers = [ { address = "localhost:1935"; } ]; rtmps-service.loadBalancer.servers = [ { address = "localhost:1945"; } ]; }; routers = { rtmp = { rule = "HostSNI(`*`)"; # Changed to accept all SNI service = "rtmp-service"; entryPoints = ["rtmp"]; }; rtmps = { rule = "HostSNI(`stream.m3tam3re.com`)"; service = "rtmps-service"; entryPoints = ["rtmps"]; tls = { certResolver = "godaddy"; passthrough = false; }; }; }; }; }; }; # Firewall configuration networking.firewall = { allowedTCPPorts = [80 443 1935 1945]; }; }