summaryrefslogtreecommitdiffstats
path: root/krebs/2configs/wiki.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-12-22 23:33:05 +0100
committertv <tv@krebsco.de>2021-12-22 23:33:05 +0100
commit448cd3b9af9e39980676f8ade7e5fb80dbb58b9f (patch)
treead3b7ccfb7107b0053ad2a80cbc2dd97a018e7a6 /krebs/2configs/wiki.nix
parent2656cbf2a91f1f350e29e2ee2faa0bbe90f9b717 (diff)
parent576c05cf3a0ceddefa29c2d0073108177c3cfa52 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/2configs/wiki.nix')
-rw-r--r--krebs/2configs/wiki.nix21
1 files changed, 13 insertions, 8 deletions
diff --git a/krebs/2configs/wiki.nix b/krebs/2configs/wiki.nix
index 9a18b8dff..40d946f7d 100644
--- a/krebs/2configs/wiki.nix
+++ b/krebs/2configs/wiki.nix
@@ -29,6 +29,7 @@ in
{
services.gollum = {
enable = true;
+ address = "::1";
extraConfig = ''
Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1|
system('${pushCgit}')
@@ -38,16 +39,20 @@ in
systemd.services.gollum.environment.LC_ALL = "en_US.UTF-8";
- networking.firewall.allowedTCPPorts = [ 80 ];
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ security.acme.certs."wiki.r".server = config.krebs.ssl.acmeURL;
services.nginx = {
enable = true;
- virtualHosts.wiki = {
- serverAliases = [ "wiki.r" "wiki.${config.networking.hostName}.r" ];
- locations."/".extraConfig = ''
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_pass http://127.0.0.1:${toString config.services.gollum.port};
- '';
+ virtualHosts."wiki.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyPass = "http://[::1]:${toString config.services.gollum.port}";
+ proxyWebsockets = true;
+ extraConfig = ''
+ proxy_set_header Host $host;
+ '';
+ };
};
};