haccfiles/configuration/hosts/hainich/services/funkwhale.nix

{ config, lib, pkgs, ... }:

{
  containers.funkwhale = {
    inherit pkgs;
    privateNetwork = true;
    hostAddress = "192.168.100.1";
    localAddress = "192.168.100.4";
    autoStart = true;
    config = { config, lib, pkgs, ... }: {
      imports = [
        ../../../../modules
      ];
      services.coredns = {
        enable = true;
        config = ''
        .:53 {
          forward . 1.1.1.1
        }
        '';
      };
      networking.firewall.enable = false;
      services.funkwhale = {
        enable = true;
        apiIp = "192.168.100.4";
        hostname = "funkwhale.hacc.media";
        protocol = "https";
        defaultFromEmail = "funkwhale@hacc.media";
        api.djangoSecretKey = "TwsgANNKid+HZ0HwhR/FgTcxFIW6sZ8s4n7HxV6zPdU=";
      };
      services.nginx.virtualHosts."funkwhale.hacc.media" = {
        enableACME = lib.mkForce false;
        forceSSL = lib.mkForce false;
      };
    };
  };
  services.nginx.virtualHosts."funkwhale.hacc.media" = {
    forceSSL = true;
    enableACME = true;
    locations."/" = {
      proxyPass = "http://192.168.100.4";
      extraConfig = ''
        proxy_pass_request_headers on;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        proxy_buffering off;
      '';
    };
  };
}
WIP funkwhale, DO NOT MERGE 2021-01-02 10:36:20 +00:00			`{ config, lib, pkgs, ... }:`

			`{`
			`containers.funkwhale = {`
			`inherit pkgs;`
			`privateNetwork = true;`
			`hostAddress = "192.168.100.1";`
			`localAddress = "192.168.100.4";`
			`autoStart = true;`
			`config = { config, lib, pkgs, ... }: {`
			`imports = [`
			`../../../../modules`
			`];`
			`services.coredns = {`
			`enable = true;`
			`config = ''`
			`.:53 {`
			`forward . 1.1.1.1`
			`}`
			`'';`
			`};`
			`networking.firewall.enable = false;`
			`services.funkwhale = {`
			`enable = true;`
			`apiIp = "192.168.100.4";`
			`hostname = "funkwhale.hacc.media";`
			`protocol = "https";`
			`defaultFromEmail = "funkwhale@hacc.media";`
			`api.djangoSecretKey = "TwsgANNKid+HZ0HwhR/FgTcxFIW6sZ8s4n7HxV6zPdU=";`
			`};`
			`services.nginx.virtualHosts."funkwhale.hacc.media" = {`
			`enableACME = lib.mkForce false;`
			`forceSSL = lib.mkForce false;`
			`};`
			`};`
			`};`
			`services.nginx.virtualHosts."funkwhale.hacc.media" = {`
			`forceSSL = true;`
			`enableACME = true;`
			`locations."/" = {`
			`proxyPass = "http://192.168.100.4";`
			`extraConfig = ''`
			`proxy_pass_request_headers on;`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`proxy_set_header X-Forwarded-Host $http_host;`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection $http_connection;`
			`proxy_buffering off;`
			`'';`
			`};`
			`};`
			`}`