{config, lib, pkgs, ...}: let grg = config.services.greg-ng; grgw = config.services.grzegorz-webui; in { services.greg-ng = { enable = true; settings.host = "localhost"; settings.port = 31337; enableSway = true; enablePipewire = true; }; services.grzegorz-webui = { enable = true; listenAddr = "localhost"; listenPort = 42069; listenWebsocketPort = 42042; hostName = "${config.networking.fqdn}"; apiBase = "http://${grg.settings.host}:${toString grg.settings.port}/api"; }; services.nginx.enable = true; services.nginx.virtualHosts."${config.networking.fqdn}" = { forceSSL = true; enableACME = true; kTLS = true; serverAliases = [ "${config.networking.hostName}.pvv.org" ]; extraConfig = '' allow 129.241.210.128/25; allow 2001:700:300:1900::/64; deny all; ''; locations."/" = { proxyPass = "http://${grgw.listenAddr}:${toString grgw.listenPort}"; }; # https://github.com/rawpython/remi/issues/216 locations."/websocket" = { proxyPass = "http://${grgw.listenAddr}:${toString grgw.listenWebsocketPort}"; proxyWebsockets = true; }; locations."/api" = { proxyPass = "http://${grg.settings.host}:${toString grg.settings.port}"; }; locations."/docs" = { proxyPass = "http://${grg.settings.host}:${toString grg.settings.port}"; }; }; }