weilite: add jackett and derper

This commit is contained in:
xinyangli 2024-11-22 12:07:10 +08:00
parent 6d5436bbaa
commit 69cf719b65
Signed by: xin
SSH key fingerprint: SHA256:UU5pRTl7NiLFJbWJZa+snLylZSXIz5rgHmwjzv8v4oE
3 changed files with 20 additions and 0 deletions

View file

@ -2,6 +2,7 @@
inputs,
config,
pkgs,
lib,
modulesPath,
...
}:
@ -150,6 +151,15 @@
permitCertUid = "caddy";
};
services.tailscale.derper = {
enable = true;
domain = "derper00.namely.icu";
openFirewall = true;
verifyClients = true;
};
# tailscale derper module use nginx for reverse proxy
services.nginx.enable = lib.mkForce false;
services.caddy = {
enable = true;
package = pkgs.caddy.withPlugins {
@ -165,6 +175,9 @@
];
vendorHash = "sha256-OhOeU2+JiJyIW9WdCYq98OKckXQZ9Fn5zULz0aLsXMI=";
};
virtualHosts."derper00.namely.icu:8443".extraConfig = ''
reverse_proxy 127.0.0.1:${toString config.services.tailscale.derper.port}
'';
virtualHosts."weilite.coho-tet.ts.net:8080".extraConfig = ''
reverse_proxy 127.0.0.1:${toString config.services.immich.port}
'';

View file

@ -2,5 +2,6 @@
imports = [
./ocis.nix
./restic.nix
./media-download.nix
];
}

View file

@ -0,0 +1,6 @@
{
services.jackett = {
enable = true;
openFirewall = false;
};
}