Set up navidrome

Some OpenNIC stuff also got staged but I'm too lazy to split.

3 files changed, 70 insertions, 2 deletions

diff --git a/configuration.nix b/configuration.nix
index d93694f..c76e151 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -37,6 +37,7 @@
     ./git.nix
     ./mail.nix
     ./matrix.nix
+    ./music.nix
     ./push.nix
     ./static.nix
     ./status.nix
diff --git a/dns.nix b/dns.nix
index 78c4d7d..2a55ba3 100644
--- a/dns.nix
+++ b/dns.nix
@@ -19,13 +19,25 @@
 { ... }:
 let
   cercleLibreZone = builtins.toFile "cercle.libre.zone" ''
-    @ SOA  danh.loang.net. mcsinyx.disroot.org. 2023021702 14400 3600 604800 3600
+    @ SOA  danh.loang.net. cnx.loang.net. 2023021702 14400 3600 604800 3600
+    @ NS   danh.loang.net.
+    @ A    37.205.11.127
+    @ AAAA 2a03:3b40:100::1:2
+  '';
+  musikePirateZone = builtins.toFile "musike.pirate.zone" ''
+    @ SOA  danh.loang.net. cnx.loang.net. 2023071727 14400 3600 604800 3600
+    @ NS   danh.loang.net.
+    @ A    37.205.11.127
+    @ AAAA 2a03:3b40:100::1:2
+  '';
+  rubParodyZone = builtins.toFile "rub.parody.zone" ''
+    @ SOA  danh.loang.net. cnx.loang.net. 2023032101 14400 3600 604800 3600
     @ NS   danh.loang.net.
     @ A    37.205.11.127
     @ AAAA 2a03:3b40:100::1:2
   '';
   sinyxIndyZone = builtins.toFile "sinyx.indy.zone" ''
-    @ SOA  danh.loang.net. mcsinyx.disroot.org. 2023022002 14400 3600 604800 3600
+    @ SOA  danh.loang.net. cnx.loang.net. 2023022002 14400 3600 604800 3600
     @ NS   danh.loang.net.
     @ A    37.205.11.127
     @ AAAA 2a03:3b40:100::1:2
@@ -86,6 +98,12 @@ in {
         - domain: loang.net
           notify: secondary
           acl: secondary
+        - domain: musike.pirate
+          file: ${musikePirateZone}
+          dnssec-signing: off
+        - domain: rub.parody
+          file: ${rubParodyZone}
+          dnssec-signing: off
         - domain: sinyx.indy
           file: ${sinyxIndyZone}
           dnssec-signing: off
diff --git a/music.nix b/music.nix
new file mode 100644
index 0000000..7e3db88
--- /dev/null
+++ b/music.nix
@@ -0,0 +1,49 @@
+# Music server configuration
+# Copyright (C) 2023  Nguyễn Gia Phong
+#
+# This file is part of loang configuration.
+#
+# Loang configuration is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Loang configuration is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
+
+{ config, ... }:
+let
+  icann = "nghe.${config.networking.domain}";
+  openNIC = "musike.pirate";
+  port = toString config.services.navidrome.settings.Port;
+  proxy = {
+    locations."/".proxyPass = "http://localhost:${port}";
+  };
+in {
+  services = {
+    navidrome = {
+      enable = true;
+      settings = {
+        EnableSharing = true;
+        MusicFolder = "/mnt/nas/www/${openNIC}";
+        Port = 4533;
+      };
+    };
+
+    nginx.virtualHosts = {
+      ${icann} = {
+        enableACME = true;
+        forceSSL = true;
+      } // proxy;
+      ${openNIC} = {
+        addSSL = true;
+        useACMEHost = icann;
+      } // proxy;
+    };
+  };
+}