summaryrefslogtreecommitdiffstats
path: root/lass/2configs/services/coms/proxy.nix
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs/services/coms/proxy.nix')
-rw-r--r--lass/2configs/services/coms/proxy.nix41
1 files changed, 0 insertions, 41 deletions
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
deleted file mode 100644
index fd7b36ca..00000000
--- a/lass/2configs/services/coms/proxy.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
- tcpports = [
- 4443 # jitsi
- 64738 # murmur
- ];
- udpports = [
- 10000 # jitsi
- 64738 # murmur
- ];
- target = "orange.r";
-in
-{
- networking.firewall.allowedTCPPorts = tcpports;
- networking.firewall.allowedUDPPorts = udpports;
- services.nginx.streamConfig = ''
- ${lib.concatMapStringsSep "\n" (port: ''
- server {
- listen [::]:${toString port};
- listen ${toString port};
- proxy_pass ${target}:${toString port};
- }
- '') tcpports}
- '';
-
- krebs.iptables.tables.nat.PREROUTING.rules = lib.flatten (map (port: [
- { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination ${config.krebs.hosts.orange.nets.retiolum.ip4.addr}:${toString port}"; v6 = false; }
- { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination [${config.krebs.hosts.orange.nets.retiolum.ip6.addr}]:${toString port}"; v4 = false; }
- ]) udpports);
-
- services.nginx.virtualHosts."jitsi.lassul.us" = {
- enableACME = true;
- acmeFallbackHost = "${target}";
- addSSL = true;
- locations."/" = {
- recommendedProxySettings = true;
- proxyWebsockets = true;
- proxyPass = "https://${target}";
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 08:16:28 +0000