kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add https

Browse Source
This commit is contained in:
Kopatz
2023-12-08 16:40:50 +01:00
parent ca39656b23
commit 65d61bf3eb
3 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/acme.nix
View File

@@ -1,7 +1,6 @@
{
security.acme = {
acceptTerms = true;
# Replace the email here!
defaults.email = "7265381+Kropatz@users.noreply.github.com";
};
}

3
modules/invidious.nix
View File

@@ -9,8 +9,6 @@ in
mode = "444";
};
security.acme.certs."yt.local".server = "https://127.0.0.1:8443/acme/acme/directory";
services.invidious = {
enable = true;
@@ -51,6 +49,7 @@ in
nginx.enable = false;
};
security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory";
services.nginx.virtualHosts."${fqdn}" = {
forceSSL = useHttps;
enableACME = useHttps;

17
modules/kavita.nix
View File

@@ -1,6 +1,9 @@
{ config, pkgs, lib, inputs, ... }:
let
fqdn = "kavita.local";
useHttps = config.services.step-ca.enable;
in
{
networking.firewall.allowedTCPPorts = [ 5000 ];
age.secrets.kavita = {
file = ../secrets/kavita.age;
@@ -28,4 +31,16 @@
EOF
'';
};
security.acme.certs."${fqdn}".server = "https://127.0.0.1:8443/acme/acme/directory";
services.nginx.virtualHosts."${fqdn}" = {
forceSSL = useHttps;
enableACME = useHttps;
locations."/".proxyPass = "http://127.0.0.1:5000";
locations."/".extraConfig = ''
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
add_header Access-Control-Allow-Headers "Authorization, Origin, X-Requested-With, Content-Type, Accept";
'';
};
}