From f2287d2024a5e3634ffb2115204aa4065afe2a4f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 10 Sep 2021 09:22:08 +0200
Subject: l: add mumble.lassul.us for mumble-web

---
 lass/1systems/prism/config.nix | 14 +-------------
 lass/2configs/murmur.nix       | 39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+), 13 deletions(-)
 create mode 100644 lass/2configs/murmur.nix

(limited to 'lass')

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 6ce4332d..3a6ab25a 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -276,19 +276,7 @@ with import <stockholm/lib>;
         { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
       ];
     }
-    {
-      services.murmur = {
-        enable = true;
-        bandwidth = 10000000;
-        registerName = "lassul.us";
-        autobanTime = 30;
-      };
-      krebs.iptables.tables.filter.INPUT.rules = [
-        { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
-        { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
-      ];
-
-    }
+    <stockholm/lass/2configs/murmur.nix>
     {
       systemd.services."container@yellow".reloadIfChanged = mkForce false;
       containers.yellow = {
diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix
new file mode 100644
index 00000000..9f325d0a
--- /dev/null
+++ b/lass/2configs/murmur.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+{
+  services.murmur = {
+    enable = true;
+    bandwidth = 10000000;
+    registerName = "lassul.us";
+    autobanTime = 30;
+  };
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
+    { predicate = "-p udp --dport 64738"; target = "ACCEPT";}
+  ];
+
+  systemd.services.docker-mumble-web.serviceConfig = {
+    StandardOutput = lib.mkForce "journal";
+    StandardError = lib.mkForce "journal";
+  };
+  virtualisation.oci-containers.containers.mumble-web = {
+    image = "rankenstein/mumble-web";
+    environment = {
+      MUMBLE_SERVER = "lassul.us:64738";
+    };
+    ports = [
+      "64739:8080"
+    ];
+  };
+
+  services.nginx.virtualHosts."mumble.lassul.us" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/".extraConfig = ''
+      proxy_pass http://localhost:64739/;
+      proxy_set_header Accept-Encoding "";
+      proxy_http_version 1.1;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection $connection_upgrade;
+    '';
+  };
+}
-- 
cgit v1.2.3