peprolinbot/frues-clan
1
0
Fork 0
Code Issues Pull requests 1 Wiki Activity Actions

Refactor

Browse source
This commit is contained in:
Pedro Rey Anca 2025-10-08 15:25:19 +02:00
parent 5dbdf38849
commit 8fb1ec8330
Signed by: peprolinbot
GPG key ID: 053EA6E00116533A
2 changed files with 37 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

52
machines/aresix/modules/reverse-proxy.nix
View file

@ -1,4 +1,8 @@
{...}: {
{
lib,
config,
...
}: {
security.acme = {
acceptTerms = true;
defaults.email = "personal+letsencrypt@peprolinbot.com";
@ -15,29 +19,41 @@
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts = {
"ha.campares.duckdns.org" = {
virtualHosts = let
base = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
extraConfig = ''
};
proxy = {
port,
websockets ? false,
}:
(base {
"/" = {
proxyPass = "http://[::1]:" + toString port + "/";
proxyWebsockets = websockets;
};
})
// {
extraConfig = lib.mkIf websockets ''
proxy_buffering off;
'';
locations."/" = {
proxyPass = "http://[::1]:8123";
proxyWebsockets = true;
};
};
"wg.campares.duckdns.org" = {
forceSSL = true;
enableACME = true;
extraConfig = ''
proxy_buffering off;
'';
locations."/" = {
proxyPass = "http://[::1]:8000";
proxyWebsockets = true;
};
proxySimple = port: proxy {inherit port;};
proxyWebsockets = port:
proxy {
inherit port;
websockets = true;
};
in {
"ha.campares.duckdns.org" = proxyWebsockets config.services.home-assistant.config.http.server_port;
"wg.campares.duckdns.org" = proxySimple config.services.wg-access-server.settings.port;
};
};
}

1
machines/aresix/modules/wireguard.nix
View file

@ -25,6 +25,7 @@
settings = {
httpHost = "::1";
port = 8000;
};
secretsFile = config.clan.core.vars.generators.wg-access-server.files.secrets-file.path;