modo-test

2024-06-21 13:46:57 +02:00 · 2024-06-21 13:46:57 +02:00 · eb4634e71c
commit eb4634e71c
parent 5cc8688003
5 changed files with 161 additions and 25 deletions
--- a/machines/kat-r86s/configuration.nix
+++ b/machines/kat-r86s/configuration.nix
@ -128,26 +128,46 @@
        };
      };
    in
-  {
-    enable = true;
-    virtualHosts =
-      builtins.mapAttrs (_: {vm, ...}: {
-        enableACME = true;
-        addSSL = true;
-        acmeFallbackHost = vm;
-        acmeFallbackRecommendedProxySettings = true;
-        locations."/" = {
-          recommendedProxySettings = true;
-          proxyPass = "https://${vm}/";
-        };
-      }) vhosts;
-      streamConfig = builtins.concatStringsSep "\n" (lib.mapAttrsToList (vhost: {vm, sshport}: ''
+    {
+      enable = true;
+      virtualHosts = builtins.mapAttrs (
+        _:
+        { vm, ... }:
+        {
+          enableACME = true;
+          addSSL = true;
+          acmeFallbackHost = vm;
+          acmeFallbackRecommendedProxySettings = true;
+          locations."/" = {
+            recommendedProxySettings = true;
+            proxyPass = "https://${vm}/";
+          };
+        }
+      ) vhosts;
+      streamConfig =
+        builtins.concatStringsSep "\n" (
+          lib.mapAttrsToList (
+            vhost:
+            { vm, sshport }:
+            ''
+              server {
+                listen ${toString sshport};
+                proxy_pass ${vm}:22;
+              }
+            ''
+          ) vhosts
+        )
+        + ''
          server {
-            listen ${toString sshport};
-            proxy_pass ${vm}:22;
+            listen 993;
+            proxy_pass 192.168.122.3:993;
          }
-      '') vhosts);
-  };
+          server {
+            listen 465;
+            proxy_pass 192.168.122.3:465;
+          }
+        '';
+    };

  # Open ports in the firewall.
  networking.firewall = {
@ -156,6 +176,8 @@
      53
      80
      443
+      465
+      993
    ];
    allowedTCPPortRanges = [
      {