dotfiles/hosts/h001/nginx.nix
RingOfStorms (Joshua Bell) 160be6071e add media to ssl cert
2025-10-09 21:54:06 -05:00


# NixOS module for host h001: requests a wildcard ACME certificate over a DNS
# challenge and configures nginx as a reverse proxy for Homarr and Grafana.
#
# NOTE(review): no virtual host in this file sets useACMEHost, enableACME,
# forceSSL, onlySSL or addSSL, so as written every named vhost is served over
# plain HTTP and the certificate below is issued but not referenced here.
{
  config,
  ...
}:
let
  # Shared "/" location: reverse proxy to the service on localhost:7575
  # (Homarr, going by the binding name), with WebSocket upgrade enabled.
  homarrProxy = {
    proxyPass = "http://localhost:7575";
    proxyWebsockets = true;
  };
in
{
  # TODO transfer these to o001 to use same certs?
  security.acme = {
    acceptTerms = true;
    defaults.email = "admin@joshuabell.xyz";
    certs = {
      "joshuabell.xyz" = {
        domain = "joshuabell.xyz";
        # A wildcard matches exactly one DNS label, so this SAN covers names
        # such as foo.joshuabell.xyz but not h001.local.joshuabell.xyz or
        # h001.net.joshuabell.xyz, the hostnames nginx serves below.
        extraDomainNames = [ "*.joshuabell.xyz" ];
        # Setting dnsProvider selects the DNS challenge (required for
        # wildcards), solved through the Linode API.
        dnsProvider = "linode";
        # The token is read from a file path at runtime and not embedded in
        # the configuration. NOTE(review): the secret name suggests a
        # read/write domains token; such a token can modify DNS records, so
        # confirm it is scoped to Domains only and limit who can read the file.
        credentialFiles.LINODE_TOKEN_FILE = config.age.secrets.linode_rw_domains.path;
        # Certificate and private key are owned by this group so that nginx
        # can read them.
        group = "nginx";
      };
    };
  };

  services.nginx = {
    enable = true;

    # Server-wide defaults from the NixOS nginx module.
    recommendedTlsSettings = true;
    recommendedProxySettings = true;
    recommendedOptimisation = true;
    recommendedGzipSettings = true;

    # Global request-body limit; applies to every virtual host below.
    clientMaxBodySize = "500m";

    virtualHosts = {
      # Bare RFC 1918 address: redirect to the named LAN host. The target is a
      # fixed URL, so the original request path is not preserved.
      "10.12.14.10".locations."/".return = "301 http://h001.local.joshuabell.xyz";

      "h001.local.joshuabell.xyz".locations."/" = homarrProxy;

      # Bare 100.64.0.0/10 (CGNAT range) address; presumably the overlay/VPN
      # interface - confirm. Redirects to the named host for that network.
      "100.64.0.13" = {
        locations = {
          "/" = {
            return = "301 http://h001.net.joshuabell.xyz";
          };
        };
      };

      "h001.net.joshuabell.xyz".locations = {
        "/" = homarrProxy;
        # proxyPass carries no URI part, so the /grafana/ prefix is forwarded
        # to the upstream unchanged. NOTE(review): this presumably relies on
        # Grafana being configured to serve from that sub-path - confirm.
        "/grafana/" = {
          recommendedProxySettings = true;
          proxyWebsockets = true;
          proxyPass = "http://localhost:3001";
        };
      };

      # Catch-all for requests whose Host matches none of the names above.
      "_" = {
        default = true;
        # Refuse the TLS handshake for unmatched names rather than presenting
        # another vhost's certificate.
        rejectSSL = true;
        # 404 would answer "not found"; 444 makes nginx close the connection
        # without sending any response.
        locations."/".return = "444";
      };
    };
  };
}