37 lines
988 B
Nix
37 lines
988 B
Nix
{
|
|
service_configs,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
(lib.serviceMountWithZpool "traccar" service_configs.zpool_ssds [
|
|
"/var/lib/private/traccar"
|
|
])
|
|
(lib.serviceFilePerms "traccar" [
|
|
"Z /var/lib/private/traccar 0700 root root"
|
|
])
|
|
(lib.mkCaddyReverseProxy {
|
|
subdomain = "traccar";
|
|
port = service_configs.ports.private.traccar_web.port;
|
|
})
|
|
];
|
|
|
|
services.traccar = {
|
|
enable = true;
|
|
settings = {
|
|
web.port = toString service_configs.ports.private.traccar_web.port;
|
|
|
|
# Only enable OsmAnd protocol (phone app). Prevents Traccar from
|
|
# opening 200+ default protocol ports that conflict with other services.
|
|
protocols.enable = "osmand";
|
|
osmand.port = toString service_configs.ports.public.traccar_tracking.port;
|
|
};
|
|
};
|
|
|
|
# OsmAnd tracking port must be reachable from the internet for the phone app
|
|
networking.firewall.allowedTCPPorts = [
|
|
service_configs.ports.public.traccar_tracking.port
|
|
];
|
|
}
|