xyno/nix-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix caddy

Browse source
This commit is contained in:
Lucy Hochkamp 2024-01-04 15:32:56 +01:00
parent 40dcdceef4
commit 1aa80a380b
No known key found for this signature in database
2 changed files with 7 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

31
hosts/picard/default.nix
View file

@ -43,27 +43,7 @@
services.postgresql.package = pkgs.postgresql_13; services.postgresql.package = pkgs.postgresql_13;
services.nginx.recommendedOptimisation = true; systemd.services.caddy.serviceConfig.EnvironmentFile = config.age.secrets.desec.path;
services.nginx.virtualHosts."xyno.space" = {
locations."/".proxyPass = "http://[::1]${config.services.xynoblog.listen}";
locations."/gyakapyukawfyuokfgwtyutf.js".proxyPass = "http://127.0.0.1:${toString config.services.plausible.server.port}/js/plausible.outbound-links.js";
locations."= /api/event" = {
proxyPass = "http://127.0.0.1:${toString config.services.plausible.server.port}/api/event";
recommendedProxySettings = false;
extraConfig = ''
proxy_set_header Host stats.xyno.space;
proxy_buffering on;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
'';
};
} // (lib.my.findOutTlsConfig "xyno.space" config);
services.caddy = { services.caddy = {
enable = true; enable = true;
package = (pkgs.callPackage ./custom-caddy.nix { package = (pkgs.callPackage ./custom-caddy.nix {
@ -72,8 +52,8 @@
]; ];
vendorHash = lib.fakeSha256; vendorHash = lib.fakeSha256;
}); });
extraConfig = '' globalConfig = ''
acme_dns desec {TOKEN} acme_dns desec {$TOKEN}
''; '';
virtualHosts."*.ragon.xyz".extraConfig = '' virtualHosts."*.ragon.xyz".extraConfig = ''
@8081 host 8081.ragon.xyz @8081 host 8081.ragon.xyz
@ -89,6 +69,9 @@
encode zstd gzip encode zstd gzip
root /srv/www root /srv/www
file_server browse file_server browse
basicauth /* {
{$BAUSER} {$BAPASSWD}
}
} }
@bw host bw.ragon.xyz @bw host bw.ragon.xyz
handle @bw { handle @bw {
@ -219,7 +202,7 @@
cli.enable = true; cli.enable = true;
user.enable = true; user.enable = true;
persist.enable = true; persist.enable = true;
persist.extraDirectories = [ "/var/lib/syncthing" "/var/lib/${config.services.xynoblog.stateDirectory}" ]; persist.extraDirectories = [ "/srv/www" config.services.caddy.dataDir "/var/lib/syncthing" "/var/lib/${config.services.xynoblog.stateDirectory}" ];
services = { services = {
ssh.enable = true; ssh.enable = true;

BIN
secrets/desec.age
View file

Binary file not shown.