{config, lib, pkgs, ...}: let grg = config.services.greg-ng; grgw = config.services.grzegorz-webui; in { imports = [ ./greg.nix ]; services.pipewire.enable = true; services.pipewire.alsa.enable = true; services.pipewire.alsa.support32Bit = true; services.pipewire.pulse.enable = true; users.users.pvv = { isNormalUser = true; description = "pvv"; }; # services.grzegorz.enable = true; # services.grzegorz.listenAddr = "localhost"; # services.grzegorz.listenPort = 31337; services.greg-ng.enable = true; services.greg-ng.settings.host = "localhost"; services.greg-ng.settings.port = 31337; services.grzegorz-webui.enable = true; services.grzegorz-webui.listenAddr = "localhost"; services.grzegorz-webui.listenPort = 42069; services.grzegorz-webui.listenWebsocketPort = 42042; services.grzegorz-webui.hostName = "${config.networking.fqdn}"; services.grzegorz-webui.apiBase = "http://${grg.settings.host}:${toString grg.settings.port}/api"; xdg.portal = { enable = true; wlr.enable = true; extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; }; services.greetd = { enable = true; settings = rec { initial_session = { command = "${pkgs.sway}/bin/sway"; user = "pvv"; }; default_session = initial_session; }; }; programs.sway = { enable = true; wrapperFeatures.gtk = true; }; services.nginx.enable = true; services.nginx.virtualHosts."${config.networking.fqdn}" = { forceSSL = true; enableACME = true; kTLS = true; serverAliases = [ "${config.networking.hostName}.pvv.org" ]; extraConfig = '' allow 129.241.210.128/25; allow 2001:700:300:1900::/64; deny all; ''; locations."/" = { proxyPass = "http://${grgw.listenAddr}:${toString grgw.listenPort}"; }; # https://github.com/rawpython/remi/issues/216 locations."/websocket" = { proxyPass = "http://${grgw.listenAddr}:${toString grgw.listenWebsocketPort}"; proxyWebsockets = true; }; locations."/api" = { proxyPass = "http://${grg.settings.host}:${toString grg.settings.port}"; }; locations."/docs" = { proxyPass = "http://${grg.settings.host}:${toString grg.settings.port}"; }; }; }