sako/nixos
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

do jellyfin things

Browse source
This commit is contained in:
Sakooooo 2025-01-03 12:07:03 +04:00
parent 0169ebeaf6
commit 9be9f2d064
Signed by: sako
GPG key ID: FE52FD65B76E4751
1 changed files with 20 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
modules/server/media/jellyfin.nix
View file

@ -18,7 +18,26 @@ in {
forceSSL = true; forceSSL = true;
sslCertificate = "/srv/secrets/certs/sako.box.pem"; sslCertificate = "/srv/secrets/certs/sako.box.pem";
sslCertificateKey = "/srv/secrets/certs/sako.box-key.pem"; sslCertificateKey = "/srv/secrets/certs/sako.box-key.pem";
locations."/" = { proxyPass = "http://localhost:8096"; }; extraConfig = ''
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
add_header Content-Security-Policy "default-src https: data: blob: ; img-src 'self' https://* ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";
'';
locations = {
"/" = {
proxyPass = "http://localhost:8096";
extraConfig = ''
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
'';
};
"/socket" = {
proxyPass = "http://localhost:8096";
proxyWebsockets = true;
};
};
}; };
}; };
}; };