[NixOS] Make vaultwarden/certificates work on biskcomp

This commit is contained in:
Ivan Malison 2023-09-23 13:52:39 -06:00
parent 9f0d8d3982
commit e9c7a3c3ce

View File

@ -19,7 +19,7 @@ in
modules.fonts.enable = true;
modules.nixified-ai.enable = false;
modules.cache-server = {
enable = true;
enable = false;
host-string = biskcomp-nginx-hostnames;
port = 80;
path = "/nix-cache";
@ -33,32 +33,26 @@ in
};
};
security.acme = {
acceptTerms = true;
email = "IvanMalison@gmail.com";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedGzipSettings = true;
recommendedTlsSettings = true;
virtualHosts = {
"192.168.1.44 railbird.ai 1896Folsom.duckdns.org 0.0.0.0 67.162.131.71" = {
root = ../railbird.ai;
"1896Folsom.duckdns.org" = {
enableACME = true;
forceSSL = true;
locations."/" = {
index = "index.html";
};
};
# Server block for Vaultwarden on a different port
"_:8222" = {
listen = [ { addr = "::"; port = 8222; } ]; # Listen on IPv6 and port 8222
forceSSL = false; # Assuming you're not using HTTPS for this one
locations."/" = {
proxyPass = "http://::1:8222";
proxySetHeaders = {
Host = "$host";
X-Real-IP = "$remote_addr";
X-Forwarded-For = "$proxy_add_x_forwarded_for";
X-Forwarded-Proto = "$scheme";
};
proxyRedirect = "off";
proxyPass = "http://[::1]:8222";
};
# listen = [
# { addr = "0.0.0.0"; port = 8443; }
# ];
};
};
};