2c7e9986e2
- X-Forwarded-Proto support so it knows it's behind TLS - Remove extraneous logs and just log to stdout so it's caught be systemd Change-Id: I650777bbfd24a1922f26967ffff7da06d14b6639 Reviewed-on: https://cl.tvl.fyi/c/depot/+/952 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
24 lines
467 B
Nix
24 lines
467 B
Nix
{ ... }:
|
|
|
|
{
|
|
imports = [
|
|
./base.nix
|
|
];
|
|
|
|
config = {
|
|
services.nginx.virtualHosts."login.tvl.fyi" = {
|
|
serverName = "login.tvl.fyi";
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
extraConfig = ''
|
|
location / {
|
|
proxy_pass http://localhost:8443;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_set_header Host $host;
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
}
|