lbailly/config-perso
1
0
Fork 0
Code Pull requests Projects Releases Packages Activity

fix acme

Browse source
This commit is contained in:
catvayor 2024-06-19 16:26:15 +02:00
parent c032e84459
commit 5cc8688003
7 changed files with 138 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

64
machines/kat-r86s/configuration.nix
View file

@ -111,38 +111,42 @@
acceptTerms = true;
defaults.email = "root@katvayor.net";
};
services.nginx = {
enable = true;
virtualHosts = {
"degette.katvayor.net" = {
enableACME = true;
addSSL = true;
locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://192.168.122.2/";
services.nginx =
let
vhosts = {
"degette.katvayor.net" = {
vm = "192.168.122.2";
sshport = 22000;
};
"betamail.katvayor.net" = {
vm = "192.168.122.3";
sshport = 22002;
};
"traque.katvayor.net" = {
vm = "192.168.122.4";
sshport = 22001;
};
};
"traque.katvayor.net".locations."/" = {
recommendedProxySettings = true;
proxyPass = "http://192.168.122.4/";
};
};
streamConfig = ''
upstream kat-virt {
server 192.168.122.2:22;
}
server {
listen 22000;
proxy_pass kat-virt;
}
upstream kat-traque {
server 192.168.122.4:22;
}
server {
listen 22001;
proxy_pass kat-virt;
}
'';
in
{
enable = true;
virtualHosts =
builtins.mapAttrs (_: {vm, ...}: {
enableACME = true;
addSSL = true;
acmeFallbackHost = vm;
acmeFallbackRecommendedProxySettings = true;
locations."/" = {
recommendedProxySettings = true;
proxyPass = "https://${vm}/";
};
}) vhosts;
streamConfig = builtins.concatStringsSep "\n" (lib.mapAttrsToList (vhost: {vm, sshport}: ''
server {
listen ${toString sshport};
proxy_pass ${vm}:22;
}
'') vhosts);
};
# Open ports in the firewall.