colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add extraDomains support and register rbsf.railbird.ai

Browse Source 
- org-agenda-api-host now supports extraDomains option for additional
  domain names, each with its own ACME certificate
- Add org-agenda-api.rbsf.railbird.ai as extra domain on railbird-sf

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Ivan Malison
2026-01-31 22:43:02 -08:00
parent 91db521dfd
commit 06dde4652d
2 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/machines/railbird-sf.nix
View File

@@ -20,6 +20,7 @@
services.org-agenda-api-host = { services.org-agenda-api-host = {
enable = true; enable = true;
domain = "rbsf.tplinkdns.com"; domain = "rbsf.tplinkdns.com";
extraDomains = [ "org-agenda-api.rbsf.railbird.ai" ];
containerImage = orgAgendaApiImageName; containerImage = orgAgendaApiImageName;
containerImageFile = orgAgendaApiContainer; containerImageFile = orgAgendaApiContainer;
secretsFile = config.age.secrets.org-api-auth-password.path; secretsFile = config.age.secrets.org-api-auth-password.path;

35
nixos/org-agenda-api-host.nix
View File

@@ -18,6 +18,13 @@ in
description = "Base domain name (service will be at org-agenda-api.<domain>)"; description = "Base domain name (service will be at org-agenda-api.<domain>)";
}; };
extraDomains = mkOption {
type = types.listOf types.str;
default = [];
description = "Additional full domain names to serve (each gets its own ACME cert)";
example = [ "org-agenda-api.example.com" ];
};
acmeEmail = mkOption { acmeEmail = mkOption {
type = types.str; type = types.str;
default = "IvanMalison@gmail.com"; default = "IvanMalison@gmail.com";
@@ -93,18 +100,24 @@ in
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
virtualHosts."org-agenda-api.${cfg.domain}" = { virtualHosts = let
enableACME = true; mkVirtualHost = domain: {
forceSSL = true; name = domain;
locations."/" = { value = {
proxyPass = "http://127.0.0.1:${toString containerPort}"; enableACME = true;
proxyWebsockets = true; forceSSL = true;
extraConfig = '' locations."/" = {
proxy_read_timeout 300s; proxyPass = "http://127.0.0.1:${toString containerPort}";
proxy_connect_timeout 75s; proxyWebsockets = true;
''; extraConfig = ''
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
'';
};
};
}; };
}; allDomains = [ "org-agenda-api.${cfg.domain}" ] ++ cfg.extraDomains;
in builtins.listToAttrs (map mkVirtualHost allDomains);
}; };
# Open firewall for HTTP/HTTPS # Open firewall for HTTP/HTTPS