{ config, pkgs, lib, ... }: let webmusic-nginx = pkgs.fetchgit { url = "https://cgit.ctu.cx/webmusic-nginx"; rev = "ac42fd4ab6820f5e840b13cbd03f3cdf0ae149ff"; sha256 = "00griw6qn3qw2g3ga5nn5p7dk0xac9wa2ni35n4a4yasd1y71xx8"; }; in { # dns.zones."ctu.cx".subdomains."music.home".CNAME = [ "${config.networking.fqdn}." ]; services.dnsmasq.settings.cname = [ "music.home.ctu.cx, ${config.networking.fqdn}" ]; fileSystems."/mnt/music_originals" = { device = "/nix/persist/home/katja/syncthing/Music (Originals)"; options = [ "bind" "ro" ]; }; services.nginx = { enable = true; virtualHosts."music.home.ctu.cx" = { enableACME = lib.mkIf config.networking.usePBBUplink true; forceSSL = lib.mkIf config.networking.usePBBUplink true; kTLS = lib.mkIf config.networking.usePBBUplink true; root = "/mnt/music_originals"; locations = { "~ ^(.*/)$".extraConfig = '' autoindex on; autoindex_exact_size off; autoindex_format xml; xslt_string_param path $uri; xslt_stylesheet ${webmusic-nginx}/webmusic.xslt; auth_basic 'Auth required'; auth_basic_user_file ${pkgs.writeText "auth-file" "giveme:$apr1$nln71O9Y$j2wSV4BmYBHbqRSwOGQZl."}; ''; "~(.*)playlist.m3u$".extraConfig = '' set $url http://[::1]:81$1; proxy_pass $url; proxy_set_header Domain $scheme://$host; proxy_hide_header 'Content-Type'; add_header 'Content-Type' 'text/plain'; ''; "/assets/".alias = "${webmusic-nginx}/"; }; extraConfig = '' satisfy any; allow 2a0f:4ac0:acab::/48; allow 10.0.0.0/8; allow 195.39.246.32/28; allow 195.39.247.48/29; ''; }; appendHttpConfig = '' server { server_name webmusic.local; listen [::1]:81; access_log off; allow ::1; deny all; root /mnt/music_originals; location / { autoindex on; autoindex_exact_size off; autoindex_format xml; xslt_string_param domain $http_domain; xslt_string_param path $uri; xslt_stylesheet ${webmusic-nginx}/webmusic-playlist.xslt; } } ''; }; }