summaryrefslogtreecommitdiffstats
path: root/lass/2configs/services
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs/services')
-rw-r--r--lass/2configs/services/coms/proxy.nix13
-rw-r--r--lass/2configs/services/radio/default.nix18
-rw-r--r--lass/2configs/services/radio/news.nix11
3 files changed, 29 insertions, 13 deletions
diff --git a/lass/2configs/services/coms/proxy.nix b/lass/2configs/services/coms/proxy.nix
index e8555f9b7..fd7b36ca8 100644
--- a/lass/2configs/services/coms/proxy.nix
+++ b/lass/2configs/services/coms/proxy.nix
@@ -21,14 +21,13 @@ in
proxy_pass ${target}:${toString port};
}
'') tcpports}
- ${lib.concatMapStringsSep "\n" (port: ''
- server {
- listen ${toString port} udp;
- proxy_pass ${target}:${toString port};
- }
- '') udpports}
'';
+ krebs.iptables.tables.nat.PREROUTING.rules = lib.flatten (map (port: [
+ { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination ${config.krebs.hosts.orange.nets.retiolum.ip4.addr}:${toString port}"; v6 = false; }
+ { predicate = "-p udp --dport ${toString port}"; target = "DNAT --to-destination [${config.krebs.hosts.orange.nets.retiolum.ip6.addr}]:${toString port}"; v4 = false; }
+ ]) udpports);
+
services.nginx.virtualHosts."jitsi.lassul.us" = {
enableACME = true;
acmeFallbackHost = "${target}";
@@ -36,7 +35,7 @@ in
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
- proxyPass = "http://${target}";
+ proxyPass = "https://${target}";
};
};
}
diff --git a/lass/2configs/services/radio/default.nix b/lass/2configs/services/radio/default.nix
index 5accfe360..5a10b5578 100644
--- a/lass/2configs/services/radio/default.nix
+++ b/lass/2configs/services/radio/default.nix
@@ -104,6 +104,22 @@ in {
print_current
];
+
+ systemd.services.radio_watcher = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "radio.service" ];
+ serviceConfig = {
+ ExecStart = pkgs.writers.writeDash "radio_watcher" ''
+ set -efux
+ while :; do
+ ${pkgs.curl}/bin/curl -Ss http://localhost:8000/radio.ogg -o /dev/null
+ ${pkgs.systemd}/bin/systemctl restart radio
+ sleep 60
+ done
+ '';
+ };
+ };
+
services.liquidsoap.streams.radio = ./radio.liq;
systemd.services.radio = {
environment = {
@@ -124,6 +140,7 @@ in {
};
path = [
pkgs.yt-dlp
+ pkgs.bubblewrap
];
serviceConfig.User = lib.mkForce "radio";
};
@@ -163,6 +180,7 @@ in {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 8001"; target = "ACCEPT"; }
+ { predicate = "-i retiolum -p tcp --dport 8002"; target = "ACCEPT"; }
];
};
};
diff --git a/lass/2configs/services/radio/news.nix b/lass/2configs/services/radio/news.nix
index 62f7f548c..a9cddb62a 100644
--- a/lass/2configs/services/radio/news.nix
+++ b/lass/2configs/services/radio/news.nix
@@ -122,10 +122,9 @@ in
''}'';
};
- ## debug
- # environment.systemPackages = [
- # weather_report
- # send_to_radio
- # newsshow
- # ];
+ # debug
+ environment.systemPackages = [
+ send_to_radio
+ newsshow
+ ];
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 07:58:32 +0000
[cgit] Unable to lock slot /tmp/cgit/32100000.lock: No such file or directory (2)