ringofstorms/dotfiles
ringofstorms/dotfiles
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bunch of updates to use more effecient DNS split paths

Browse source
This commit is contained in:
RingOfStorms (Joshua Bell) 2025-10-09 23:02:10 -05:00
parent 160be6071e
commit 1717f8e3e9
15 changed files with 151 additions and 1145 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/h001/containers/forgejo.nix
View file

@ -69,6 +69,9 @@ in
virtualHosts = {
# forgejo http traffic
"git.joshuabell.xyz" = {
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations."/" = {
proxyPass = "http://10.0.0.2:3000";
};

5
hosts/h001/containers/opengist.nix
View file

@ -29,8 +29,9 @@ in
'';
services.nginx.virtualHosts."gist.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;

5
hosts/h001/containers/zitadel.nix
View file

@ -68,8 +68,9 @@ in
options = { };
config = {
services.nginx.virtualHosts."sso.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;

5
hosts/h001/mods/n8n.nix
View file

@ -6,8 +6,9 @@
config = {
services.nginx.virtualHosts = {
"n8n.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;

5
hosts/h001/mods/oauth2-proxy.nix
View file

@ -45,8 +45,9 @@ in
};
services.nginx.virtualHosts."sso-proxy.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;

5
hosts/h001/mods/openwebui.nix
View file

@ -17,8 +17,9 @@ in
options = { };
config = {
services.nginx.virtualHosts."chat.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;

7
hosts/h001/mods/trilium.nix
View file

@ -44,8 +44,9 @@ in
};
services.nginx.virtualHosts = {
"notes.joshuabell.xyz" = {
# enableACME = true;
# forceSSL = true;
addSSL = true;
sslCertificate = "/var/lib/acme/joshuabell.xyz/fullchain.pem";
sslCertificateKey = "/var/lib/acme/joshuabell.xyz/key.pem";
locations = {
"/" = {
proxyWebsockets = true;
@ -54,6 +55,8 @@ in
};
};
};
# TODO revisit, am I going to use the native app or web version
# this is only needed for the app that can't handle the oauth flow
"trilium_overlay" = {
serverName = "h001.net.joshuabell.xyz";
listen = [