{ config, lib, pkgs, ... }: with import <stockholm/lib>; let hostname = config.krebs.build.host.name; user = config.services.nginx.user; group = config.services.nginx.group; external-ip = config.krebs.build.host.nets.internet.ip4.addr; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; in { services.nginx = { enable = mkDefault true; virtualHosts."mon.euer.krebsco.de" = let # flesh_wrap authFile = pkgs.writeText "influx.conf" '' user:$apr1$ZG9oQCum$FhtIe/cl3jf8Sa4zq/BWd1 ''; in { forceSSL = true; enableACME = true; locations."/" = { proxyPass = "http://wbob.r:3000/"; extraConfig = '' proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; ''; }; locations."/influxdb/" = { proxyPass = "http://wbob.r:8086/"; extraConfig = '' auth_basic "Needs Autherization to visit"; auth_basic_user_file ${authFile}; proxy_http_version 1.1; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect off; ''; }; }; }; }