forked from colonelpanic/dotfiles
[NixOS] Make vaultwarden/certificates work on biskcomp
This commit is contained in:
parent
9f0d8d3982
commit
e9c7a3c3ce
@ -19,7 +19,7 @@ in
|
|||||||
modules.fonts.enable = true;
|
modules.fonts.enable = true;
|
||||||
modules.nixified-ai.enable = false;
|
modules.nixified-ai.enable = false;
|
||||||
modules.cache-server = {
|
modules.cache-server = {
|
||||||
enable = true;
|
enable = false;
|
||||||
host-string = biskcomp-nginx-hostnames;
|
host-string = biskcomp-nginx-hostnames;
|
||||||
port = 80;
|
port = 80;
|
||||||
path = "/nix-cache";
|
path = "/nix-cache";
|
||||||
@ -33,32 +33,26 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
security.acme = {
|
||||||
|
acceptTerms = true;
|
||||||
|
email = "IvanMalison@gmail.com";
|
||||||
|
};
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"192.168.1.44 railbird.ai 1896Folsom.duckdns.org 0.0.0.0 67.162.131.71" = {
|
"1896Folsom.duckdns.org" = {
|
||||||
root = ../railbird.ai;
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
index = "index.html";
|
proxyPass = "http://[::1]:8222";
|
||||||
};
|
|
||||||
};
|
|
||||||
# Server block for Vaultwarden on a different port
|
|
||||||
"_:8222" = {
|
|
||||||
listen = [ { addr = "::"; port = 8222; } ]; # Listen on IPv6 and port 8222
|
|
||||||
forceSSL = false; # Assuming you're not using HTTPS for this one
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://::1:8222";
|
|
||||||
proxySetHeaders = {
|
|
||||||
Host = "$host";
|
|
||||||
X-Real-IP = "$remote_addr";
|
|
||||||
X-Forwarded-For = "$proxy_add_x_forwarded_for";
|
|
||||||
X-Forwarded-Proto = "$scheme";
|
|
||||||
};
|
|
||||||
proxyRedirect = "off";
|
|
||||||
};
|
};
|
||||||
|
# listen = [
|
||||||
|
# { addr = "0.0.0.0"; port = 8443; }
|
||||||
|
# ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user