diff options
author | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2021-12-22 23:33:05 +0100 |
commit | 448cd3b9af9e39980676f8ade7e5fb80dbb58b9f (patch) | |
tree | ad3b7ccfb7107b0053ad2a80cbc2dd97a018e7a6 /krebs/2configs/wiki.nix | |
parent | 2656cbf2a91f1f350e29e2ee2faa0bbe90f9b717 (diff) | |
parent | 576c05cf3a0ceddefa29c2d0073108177c3cfa52 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/2configs/wiki.nix')
-rw-r--r-- | krebs/2configs/wiki.nix | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/krebs/2configs/wiki.nix b/krebs/2configs/wiki.nix index 9a18b8dff..40d946f7d 100644 --- a/krebs/2configs/wiki.nix +++ b/krebs/2configs/wiki.nix @@ -29,6 +29,7 @@ in { services.gollum = { enable = true; + address = "::1"; extraConfig = '' Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1| system('${pushCgit}') @@ -38,16 +39,20 @@ in systemd.services.gollum.environment.LC_ALL = "en_US.UTF-8"; - networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + security.acme.certs."wiki.r".server = config.krebs.ssl.acmeURL; services.nginx = { enable = true; - virtualHosts.wiki = { - serverAliases = [ "wiki.r" "wiki.${config.networking.hostName}.r" ]; - locations."/".extraConfig = '' - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_pass http://127.0.0.1:${toString config.services.gollum.port}; - ''; + virtualHosts."wiki.r" = { + enableACME = true; + addSSL = true; + locations."/" = { + proxyPass = "http://[::1]:${toString config.services.gollum.port}"; + proxyWebsockets = true; + extraConfig = '' + proxy_set_header Host $host; + ''; + }; }; }; |