diff options
| author | tv <tv@krebsco.de> | 2020-10-03 13:44:30 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2020-10-03 13:44:30 +0200 |
| commit | d1e52425e0d5d79a33b11c92cc2afb498075d953 (patch) | |
| tree | 29277982f014eaae680e006b6afc7fdb42e8d9b2 /lass/2configs/paste.nix | |
| parent | 654f64f05935a69607a540f2e8d15619cee9e15e (diff) | |
| parent | 7e7499d86302d261c8f8404fb34f2ac091318d0e (diff) | |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/2configs/paste.nix')
| -rw-r--r-- | lass/2configs/paste.nix | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/lass/2configs/paste.nix b/lass/2configs/paste.nix index 23cab8e6e..0cf62ec0b 100644 --- a/lass/2configs/paste.nix +++ b/lass/2configs/paste.nix @@ -7,7 +7,17 @@ with import <stockholm/lib>; locations."/".extraConfig = '' client_max_body_size 4G; proxy_set_header Host $host; - proxy_pass http://localhost:9081; + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port}; + ''; + locations."/image".extraConfig = /* nginx */ '' + client_max_body_size 40M; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port}; + proxy_pass_header Server; ''; }; services.nginx.virtualHosts."p.krebsco.de" = { @@ -19,21 +29,36 @@ with import <stockholm/lib>; return 403; } proxy_set_header Host $host; - proxy_pass http://localhost:9081; + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.paste.port}; + ''; + locations."/image".extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.imgur.port}; + proxy_pass_header Server; ''; }; + krebs.htgen.paste = { port = 9081; script = toString [ "PATH=${makeBinPath [ pkgs.nix + pkgs.file ]}:$PATH" "STATEDIR=$HOME" ". ${pkgs.htgen}/examples/paste" ]; }; + krebs.htgen.imgur = { + port = 7771; + script = /* sh */ '' + (. ${pkgs.htgen-imgur}/bin/htgen-imgur) + ''; + }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT";} - { predicate = "-i retiolum -p tcp --dport 9081"; target = "ACCEPT";} ]; } |