Antoine Martin
e7219ae988
This is a requirement anyway for homeservers, and the `forceSSL` option tried to create a redirect for non-SSL traffic, except the `listen` option only provided SSL endpoints anyway, so this resulted in additional rules in the nginx config looking like this: server { server_name matrix.alarsyo.net ; location /.well-known/acme-challenge { root /var/lib/acme/acme-challenge; auth_basic off; } location / { return 301 https://$host$request_uri; } } Which led to nginx listening on port 8000 (the default port in this situation, I imagine) |
||
---|---|---|
.git-crypt | ||
base | ||
home | ||
hosts | ||
modules | ||
pkgs | ||
secrets | ||
services | ||
.gitattributes | ||
.gitignore | ||
.lohr | ||
boreal.nix | ||
flake.lock | ||
flake.nix | ||
poseidon.nix | ||
README.org |
NixOS deployment configuration
Services
Bitwarden
Password manager, Rust lightweight version.
Borg backup
Creating daily backups to borgbase
fail2ban
Keeping the bad guys away
Gitea
Hosting for all my personal projects
Jellyfin
Netflix but just for me
Lohr
Setup
Needs manual SSH key and known hosts setup.
Matrix
My Matrix homeserver at alarsyo.net
. Also hosting an Element web client at
chat.alarsyo.net.
Miniflux
RSS reader
Monitoring
Grafana and Prometheus are currently used as a glorified htop
.