lukas/livestreaming-cdn-nixops
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

added netdata with basicauth and index.m3u8-caching support

Browse source
This commit is contained in:
Lukas Schulz 2020-11-28 18:16:22 +01:00
parent 717baa0482
commit 36899fc287
1 changed files with 86 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
cdn.nix
View file

@ -1,4 +1,5 @@
let let
basicAuthLogin = { admin = "jkblufies"; };
cdn-node-setup = args@{ domain, config_file, ... }: { cdn-node-setup = args@{ domain, config_file, ... }: {
deployment.targetHost = domain; deployment.targetHost = domain;
nixpkgs.localSystem.system = "x86_64-linux"; nixpkgs.localSystem.system = "x86_64-linux";
@ -13,6 +14,10 @@ cdn-node-setup = args@{ domain, config_file, ... }: {
443 # HTTPs 443 # HTTPs
]; ];
services.netdata = {
enable = true;
};
# Enable nginx service # Enable nginx service
services.nginx = { services.nginx = {
@ -26,13 +31,15 @@ cdn-node-setup = args@{ domain, config_file, ... }: {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
basicAuth = basicAuthLogin;
locations = { locations = {
"~* \\.(m3u8)$" = { "~* \\.(m3u8)$" = {
proxyPass = "https://cdn-master.lukas.studio$request_uri"; proxyPass = "https://cdn-master.lukas.studio$request_uri";
extraConfig = '' extraConfig = ''
#proxy_cache = off; #proxy_cache = off;
expires -1; expires 3s;
auth_basic off;
''; '';
}; };
"/hls" = { "/hls" = {
@ -45,9 +52,32 @@ cdn-node-setup = args@{ domain, config_file, ... }: {
proxy_cache hls; proxy_cache hls;
proxy_ignore_headers Cache-Control; proxy_ignore_headers Cache-Control;
proxy_cache_valid any 30m; proxy_cache_valid any 30m;
auth_basic off;
''; '';
}; };
"/stats" = {
return = "301 /stats/";
};
"~ /stats/(?<ndpath>.*)" = {
proxyPass = "http://127.0.0.1:19999/$ndpath$is_args$args";
extraConfig = ''
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
gzip on;
gzip_proxied any;
gzip_types *;
'';
};
}; };
@ -81,6 +111,10 @@ cdn-master-setup = args@{ domain, config_file, host-server, ... }: {
443 # HTTPs 443 # HTTPs
]; ];
services.netdata = {
enable = true;
};
# Enable nginx service # Enable nginx service
services.nginx = { services.nginx = {
@ -94,13 +128,15 @@ cdn-master-setup = args@{ domain, config_file, host-server, ... }: {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
basicAuth = basicAuthLogin;
locations = { locations = {
"~* \\.(m3u8)$" = { "~* \\.(m3u8)$" = {
proxyPass = "${host-server}$request_uri"; proxyPass = "${host-server}$request_uri";
extraConfig = '' extraConfig = ''
#proxy_cache = off; #proxy_cache = off;
expires -1; expires 2s;
auth_basic off;
''; '';
}; };
"/hls" = { "/hls" = {
@ -113,9 +149,32 @@ cdn-master-setup = args@{ domain, config_file, host-server, ... }: {
proxy_cache hls; proxy_cache hls;
proxy_ignore_headers Cache-Control; proxy_ignore_headers Cache-Control;
proxy_cache_valid any 30m; proxy_cache_valid any 30m;
auth_basic off;
''; '';
}; };
"/stats" = {
return = "301 /stats/";
};
"~ /stats/(?<ndpath>.*)" = {
proxyPass = "http://127.0.0.1:19999/$ndpath$is_args$args";
extraConfig = ''
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
gzip on;
gzip_proxied any;
gzip_types *;
'';
};
}; };
}; };
@ -159,6 +218,31 @@ cdn-loadbalancer-setup = args@{ domain, config_file, nodes, ... }: {
locations = { locations = {
"/" = { "/" = {
return = "301 \"http://\$\{cdnhosts\}\$\{request_uri\}\""; return = "301 \"http://\$\{cdnhosts\}\$\{request_uri\}\"";
extraConfig = ''
auth_basic off;
'';
};
"/stats" = {
return = "301 /stats/";
};
"~ /stats/(?<ndpath>.*)" = {
proxyPass = "http://127.0.0.1:19999/$ndpath$is_args$args";
extraConfig = ''
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass_request_headers on;
proxy_set_header Connection "keep-alive";
proxy_store off;
gzip on;
gzip_proxied any;
gzip_types *;
'';
}; };
}; };
forceSSL = true; forceSSL = true;