Compare commits
No commits in common. "8d4d1e4be8241108ca475a335b83df75bf07e417" and "949691b4c260300af025a33a5181a5aca0f8731f" have entirely different histories.
8d4d1e4be8
...
949691b4c2
@ -40,10 +40,6 @@
|
|||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
etc = {
|
etc = {
|
||||||
"fail2ban/filter.d/open-webui.conf" = {
|
|
||||||
source = ../../modules/services/server/fail2ban/filter/open-webui.conf;
|
|
||||||
mode = "0444";
|
|
||||||
};
|
|
||||||
"fail2ban/filter.d/gitea.conf" = {
|
"fail2ban/filter.d/gitea.conf" = {
|
||||||
source = ../../modules/services/server/fail2ban/filter/gitea.conf;
|
source = ../../modules/services/server/fail2ban/filter/gitea.conf;
|
||||||
mode = "0444";
|
mode = "0444";
|
||||||
@ -84,12 +80,6 @@
|
|||||||
findtime = "15m";
|
findtime = "15m";
|
||||||
};
|
};
|
||||||
jails = {
|
jails = {
|
||||||
open-webui = ''
|
|
||||||
enabled = true
|
|
||||||
filter = open-webui
|
|
||||||
backend = systemd
|
|
||||||
action = iptables-allports
|
|
||||||
'';
|
|
||||||
gitea = ''
|
gitea = ''
|
||||||
enabled = true
|
enabled = true
|
||||||
filter = gitea
|
filter = gitea
|
||||||
|
|||||||
@ -18,7 +18,7 @@
|
|||||||
./matrix.nix
|
./matrix.nix
|
||||||
./coturn.nix
|
./coturn.nix
|
||||||
./jitsi.nix
|
./jitsi.nix
|
||||||
./ollama.nix
|
#./ollama.nix
|
||||||
]
|
]
|
||||||
|
|
||||||
# picom, polybar and sxhkd are pulled from desktop module
|
# picom, polybar and sxhkd are pulled from desktop module
|
||||||
|
|||||||
@ -1,4 +1,5 @@
|
|||||||
[Definition]
|
[Definition]
|
||||||
failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
|
failregex = .*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>
|
||||||
ignoreregex =
|
ignoreregex =
|
||||||
journalmatch = _SYSTEMD_UNIT=gitea.service + _COMM=gitea
|
#journalmatch = _SYSTEMD_UNIT=gitea.servie
|
||||||
|
journalmatch =
|
||||||
|
|||||||
@ -1,4 +0,0 @@
|
|||||||
[Definition]
|
|
||||||
failregex = <HOST> - .*(401 Unauthorized|invalid credentials|Attempted access of unknown user).*
|
|
||||||
ignoreregex =
|
|
||||||
journalmatch = _SYSTEMD_UNIT=podman-open-webui.service + _COMM=podman-open-webui
|
|
||||||
@ -4,24 +4,19 @@ let
|
|||||||
ollamahostname = "llm.kabtop.de";
|
ollamahostname = "llm.kabtop.de";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
virtualisation.oci-containers.containers."open-webui" = {
|
services.ollama = {
|
||||||
autoStart = true;
|
enable = true;
|
||||||
image = "ghcr.io/open-webui/open-webui:ollama";
|
listenAddress = "127.0.0.1:11434";
|
||||||
volumes = [
|
|
||||||
"/var/lib/open-webui:/app/backend/data"
|
|
||||||
];
|
|
||||||
hostname = "open-webui";
|
|
||||||
ports = [ "8081:8080" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services.nginx = {
|
||||||
nginx = {
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
${ollamahostname} = {
|
ollamahostname = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/".proxyPass = "http://localhost:8081";
|
listen = [ {
|
||||||
};
|
addr = "127.0.0.1"; port = 11434;
|
||||||
|
} ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user