diff --git a/hosts/phoenix.lewd.wtf/c3moc.nix b/hosts/phoenix.lewd.wtf/c3moc.nix index dbe020e..2ac08ba 100644 --- a/hosts/phoenix.lewd.wtf/c3moc.nix +++ b/hosts/phoenix.lewd.wtf/c3moc.nix @@ -17,6 +17,10 @@ in { device = "/mnt/zbigdata/media"; options = [ "bind" ]; }; + "/export/c3moc/games" = lib.mkIf cfg.switchNfs { + device = "/mnt/zbigdata/games"; + options = [ "bind" ]; + }; "/export/c3moc/dropfolder" = lib.mkIf cfg.switchNfs { device = "/mnt/zbigdata/c3moc_dropfolder"; options = [ "bind" ]; @@ -27,13 +31,19 @@ in { autoStart = true; privateNetwork = true; hostAddress = "192.168.69.1"; + hostAddress6 = "aa69::1"; localAddress = "192.168.69.10"; + localAddress6 = "aa69::69"; bindMounts = { "/home/c3moc/media" = { hostPath = "/mnt/zbigdata/media"; isReadOnly = true; }; + "/home/c3moc/games" = { + hostPath = "/mnt/zbigdata/games"; + isReadOnly = true; + }; "/home/c3moc/dropfolder" = { hostPath = "/mnt/zbigdata/c3moc_dropfolder"; isReadOnly = false; @@ -125,6 +135,8 @@ in { services.nfs.server.exports = mkIf cfg.switchNfs '' /export (ro,fsid=0,no_subtree_check) /export/c3moc (ro,nohide,insecure,no_subtree_check) + /export/c3moc/games (ro,nohide,insecure,no_subtree_check) + /export/c3moc/media (ro,nohide,insecure,no_subtree_check) /export/c3moc/dropfolder (rw,nohide,insecure,no_subtree_check) ''; @@ -167,8 +179,91 @@ in { proto = "tcp"; sourcePort = 445; } + # FTP + { + destination = "aa69::69:20"; + proto = "tcp"; + sourcePort = 20; + } + { + destination = "aa69::69:21"; + proto = "tcp"; + sourcePort = 21; + } + # SFTP + { + destination = "aa69::69:22"; + proto = "tcp"; + sourcePort = 22; + } + # SMB + { + destination = "aa69::69:137"; + proto = "udp"; + sourcePort = 137; + } + { + destination = "aa69::69:138"; + proto = "udp"; + sourcePort = 138; + } + { + destination = "aa69::69:139"; + proto = "tcp"; + sourcePort = 139; + } + { + destination = "aa69::69:445"; + proto = "tcp"; + sourcePort = 445; + } ]; + # Monitoring Stuff + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ + "textfile" + ]; + }; + services.prometheus = { + enable = true; + + scrapeConfigs = [ + { + job_name = "node"; + static_configs = [{ + targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + ]; + }; + services.grafana = { + enable = true; + settings = { + server = { + # Listening Address + http_addr = "127.0.0.1"; + # and Port + http_port = 3000; + # Grafana needs to know on which domain and URL it's running + domain = "gpn22.c3moc.lol"; + root_url = "https://gpn22.c3moc.lol/stats/"; # Not needed if it is `https://your.domain/` + serve_from_sub_path = true; + }; + "auth.anonymous" = { + enabled = true; + org_name = "Public"; + }; + }; + }; + + # Nginx Stuff services.nginx = { virtualHosts."gpn22.c3moc.lol" = { @@ -219,6 +314,11 @@ in { proxy_set_header X-Forwarded-Host $http_host; ''; }; + "/stats/" = { + proxyPass = "http://${toString config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}"; + proxyWebsockets = true; + recommendedProxySettings = true; + }; }; }; };