Commit d8f6eb7bd669
Changed files (3)
systems/athena/extra.nix
@@ -1,5 +1,6 @@
{
pkgs,
+ lib,
libx,
globals,
...
@@ -16,7 +17,14 @@
# TODO make it an option ? (otherwise I'll add it for all)
users.users.vincent.linger = true;
- systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/" ];
+ # Ensure nginx can access vincent's home directory
+ systemd.services.nginx.serviceConfig = {
+ ReadWritePaths = [ "/home/vincent/sync/boox" ];
+ # Run nginx workers as vincent user for proper permissions
+ User = lib.mkForce "vincent";
+ Group = lib.mkForce "users";
+ };
+
services = {
wireguard = {
enable = true;
@@ -38,7 +46,7 @@
recommendedOptimisation = true;
virtualHosts."dav.athena.sbr.pm" = {
locations."/" = {
- root = "/var/www/dav";
+ root = "/home/vincent/sync/boox";
basicAuthFile = "/var/www/dav.auth";
extraConfig = ''
autoindex on;
systems/rhea/extra.nix
@@ -212,6 +212,7 @@
n8n = mkRouter "n8n" [ "n8n.sbr.pm" ];
paperless = mkRouter "paperless" [ "paperless.sbr.pm" ];
grafana = mkRouter "grafana" [ "grafana.sbr.pm" ];
+ dav = mkRouter "dav" [ "dav.sbr.pm" ];
};
services =
syncthingServices
@@ -223,6 +224,7 @@
paperless = mkService "http://${builtins.head globals.machines.sakhalin.net.ips}:8000";
grafana = mkService "http://${builtins.head globals.machines.sakhalin.net.ips}:3000";
navidrome = mkService "http://${builtins.head globals.machines.aion.net.ips}:4533";
+ dav = mkService "http://${builtins.head globals.machines.athena.net.ips}:80";
};
middlewares =
syncthingMiddlewares
globals.nix
@@ -525,6 +525,8 @@ _: {
};
# Music streaming on aion (routed through rhea/traefik)
music.host = "rhea";
+ # WebDAV on athena (routed through rhea/traefik)
+ dav.host = "rhea";
# MQTT on demeter (routed through rhea/traefik)
mqtt.host = "rhea";
# Services on sakhalin (routed through rhea/traefik)