forked from pub-solar/infra
Benjamin Yule Bädorf
68278ad983
This works towards having reusable modules * `config.pub-solar-os.networking.domain` is used for the main domain * `config.pub-solar-os.privacyPolicUrl` links towards the privacy policy * `config.pub-solar-os.imprintUrl` links towards the imprint * `config.pub-solar-os.auth.enable` enables the keycloak installation. This is needed because `config.pub-solar-os.auth` has to be available everywhere, but we do not want to install keycloak everywhere. * `config.pub-solar-os.auth.realm` sets the keycloak realm name
33 lines
779 B
Nix
33 lines
779 B
Nix
{ flake
|
|
, config
|
|
, lib
|
|
, pkgs
|
|
, ...
|
|
}: {
|
|
services.nginx.virtualHosts."stream.${config.pub-solar-os.networking.domain}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:5000";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
# Owncast
|
|
services.owncast = {
|
|
enable = true;
|
|
user = "owncast";
|
|
group = "owncast";
|
|
# The directory where owncast stores its data files.
|
|
dataDir = "/var/lib/owncast";
|
|
# Open the appropriate ports in the firewall for owncast.
|
|
openFirewall = true;
|
|
# The IP address to bind the owncast web server to.
|
|
listen = "127.0.0.1";
|
|
# TCP port where owncast rtmp service listens.
|
|
rtmp-port = 1935;
|
|
# TCP port where owncast web-gui listens.
|
|
port = 5000;
|
|
};
|
|
}
|