aottr.dev / otterden
❄️ Nix configurations
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

add plex

A. Ottr 18b4a90b eb57e4fa

+110
+1
hosts/polecat/configuration.nix
··· 12 12 ../../modules/nixos/server/traefik.nix 13 13 ../../modules/nixos/server/home-assistant.nix 14 14 ../../modules/nixos/server/media.nix 15 + ../../modules/nixos/server/plex.nix 15 16 ]; 16 17 17 18 age.secrets."passwd".file = ../../secrets/common/passwd.age;
+109
modules/nixos/server/plex.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + /* Plex Media Server requires the media.nix ! */ 5 + 6 + services.plex = { 7 + enable = true; 8 + openFirewall = true; 9 + owner = "media"; 10 + group = "media"; 11 + }; 12 + 13 + services.traefik.dynamicConfigOptions = { 14 + http = { 15 + routers.plex = { 16 + entryPoints = [ "websecure" ]; 17 + rule = "Host(`plex.otter.place`)"; 18 + service = "plex"; 19 + tls = { 20 + certResolver = "letsencrypt"; 21 + options = "plexTLS"; 22 + }; 23 + middlewares = [ "plex-headers" "plex-compress" "plex-buffering" ]; 24 + }; 25 + 26 + services.plex.loadBalancer = { 27 + passHostHeader = true; 28 + serversTransport = "plexTransport"; 29 + servers = [ { url = "http://127.0.0.1:32400"; } ]; 30 + }; 31 + 32 + middlewares = { 33 + plex-headers.headers.customRequestHeaders = { 34 + X-Real-IP = "{remoteip}"; 35 + X-Forwarded-For = "{remoteip}"; 36 + X-Forwarded-Proto = "https"; 37 + Host = "{host}"; 38 + Referer = "{host}"; 39 + Origin = "{host}"; 40 + 41 + X-Plex-Client-Identifier = "{headers.X-Plex-Client-Identifier}"; 42 + X-Plex-Device = "{headers.X-Plex-Device}"; 43 + X-Plex-Device-Name = "{headers.X-Plex-Device-Name}"; 44 + X-Plex-Platform = "{headers.X-Plex-Platform}"; 45 + X-Plex-Platform-Version = "{headers.X-Plex-Platform-Version}"; 46 + X-Plex-Product = "{headers.X-Plex-Product}"; 47 + X-Plex-Token = "{headers.X-Plex-Token}"; 48 + X-Plex-Version = "{headers.X-Plex-Version}"; 49 + X-Plex-Nocache = "{headers.X-Plex-Nocache}"; 50 + X-Plex-Provides = "{headers.X-Plex-Provides}"; 51 + X-Plex-Device-Vendor = "{headers.X-Plex-Device-Vendor}"; 52 + X-Plex-Model = "{headers.X-Plex-Model}"; 53 + 54 + Upgrade = "{headers.Upgrade}"; 55 + Connection = "upgrade"; 56 + }; 57 + 58 + plex-compress.compress.includedContentTypes = [ 59 + "text/plain" 60 + "text/css" 61 + "text/xml" 62 + "application/xml" 63 + "text/javascript" 64 + "application/x-javascript" 65 + "image/svg+xml" 66 + "application/json" 67 + "application/javascript" 68 + ]; 69 + 70 + plex-buffering.buffering.maxRequestBodyBytes = 104857600; 71 + }; 72 + 73 + serversTransports.plexTransport = { 74 + responseHeaderTimeout = "100m"; 75 + idleConnTimeout = "100m"; 76 + dialKeepAlive = "30s"; 77 + }; 78 + }; 79 + 80 + tls.options.plexTLS = { 81 + minVersion = "VersionTLS12"; 82 + preferServerCipherSuites = true; 83 + cipherSuites = [ 84 + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" 85 + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" 86 + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" 87 + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" 88 + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" 89 + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" 90 + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" 91 + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" 92 + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" 93 + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" 94 + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" 95 + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" 96 + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" 97 + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" 98 + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" 99 + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" 100 + "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" 101 + "TLS_RSA_WITH_AES_128_GCM_SHA256" 102 + "TLS_RSA_WITH_AES_256_GCM_SHA384" 103 + "TLS_RSA_WITH_AES_128_CBC_SHA256" 104 + "TLS_RSA_WITH_AES_256_CBC_SHA" 105 + "TLS_RSA_WITH_AES_128_CBC_SHA" 106 + ]; 107 + }; 108 + }; 109 + }