Compare commits
No commits in common. "0a95c92946cd3e78f8cdf5a5035276859770f9b3" and "433307c055b0eb08c4ba4bb826e7e954ebbe39b7" have entirely different histories.
0a95c92946
...
433307c055
|
@ -1,12 +1,12 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
services.nginx = {
|
||||
virtualHosts."managment.lauterer.it" = {
|
||||
virtualHosts."managment.funn-nas.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://100.104.182.48";
|
||||
proxyPass = "https://100.104.182.48:443";
|
||||
};
|
||||
basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
@ -51,15 +51,29 @@
|
|||
basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
virtualHosts."rss.lauterer.it" = {
|
||||
virtualHosts."freshrss.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://100.84.215.84:8081";
|
||||
proxyPass = "http://100.84.215.84:80";
|
||||
};
|
||||
#basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
virtualHosts."minecraft.256.no" = {
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "100.84.215.84:25565";
|
||||
# extraConfig = ''
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
# '';
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,6 +8,8 @@
|
|||
# services.oauth2_proxy = {
|
||||
# enable = true;
|
||||
# }
|
||||
|
||||
|
||||
#proxy stuff
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
@ -22,5 +24,79 @@
|
|||
commonHttpConfig = ''
|
||||
access_log syslog:server=unix:/dev/log;
|
||||
'';
|
||||
|
||||
|
||||
virtualHosts."managment.funn-nas.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "https://100.104.182.48";
|
||||
};
|
||||
basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
virtualHosts."funn-nas.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "https://100.104.182.48:30044";
|
||||
};
|
||||
basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
virtualHosts."home.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://10.0.0.32:8123";
|
||||
};
|
||||
# ignorerer sikkerhet for littegran for å oprettholde lettvinthet og app kompatibilitet.
|
||||
#basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
virtualHosts."jellyfin.lauterer.it" = {
|
||||
forceSSL = true;
|
||||
useACMEHost = config.networking.domain;
|
||||
locations."/" = {
|
||||
proxyWebsockets = true;
|
||||
proxyPass = "http://100.84.215.84:8096";
|
||||
};
|
||||
#basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
};
|
||||
|
||||
# virtualHosts.${"vpn."+config.networking.domain} = {
|
||||
# forceSSL = true;
|
||||
# useACMEHost = "${config.networking.domain}";
|
||||
# locations."/" = {
|
||||
# proxyWebsockets = true;
|
||||
# proxyPass = "http://localhost:${toString config.services.headscale.port}";
|
||||
# };
|
||||
# };
|
||||
|
||||
# virtualHosts.${config.services.kanidm.serverSettings.domain} = { # (auth.)
|
||||
# forceSSL = true;
|
||||
# useACMEHost = "${config.networking.domain}";
|
||||
# locations."/" = {
|
||||
# proxyWebsockets = true;
|
||||
# proxyPass = "${"https://"+config.services.kanidm.serverSettings.bindaddress}";
|
||||
|
||||
# };
|
||||
# };
|
||||
|
||||
# virtualHosts.${"jellyfin."+config.networking.domain} = {
|
||||
# forceSSL = true;
|
||||
# #enableACME = true;
|
||||
# useACMEHost = "${config.networking.domain}";
|
||||
# locations."/" = {
|
||||
# proxyPass = "http://jellyfin.galadriel";
|
||||
# proxyWebsockets = true;
|
||||
# basicAuthFile = config.sops.secrets."nginx/defaultpass".path;
|
||||
# };
|
||||
# };
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
|
||||
|
||||
services.miniflux.enable = true;
|
||||
services.miniflux.config.LISTEN_ADDR = "0.0.0.0:8081";
|
||||
services.miniflux.config.LISTEN_ADDR = "localhost:8081";
|
||||
services.miniflux.adminCredentialsFile = config.sops.secrets."miniflux/adminCredentialsFile".path;
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue