1
0
Fork 0

hosts/porter: Put chisel behind nginx

This commit is contained in:
clerie 2022-09-28 22:47:52 +02:00
parent ac61842f29
commit b016e76f09
2 changed files with 14 additions and 2 deletions

View File

@ -22,6 +22,18 @@
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
networking.nameservers = [ "46.38.255.230" "46.38.252.230" ];
services.nginx.enable = true;
services.nginx.virtualHosts = {
"chisel.clerie.de" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyPass = "http://[::1]:3765";
proxyWebsockets = true;
};
};
};
clerie.nginx-port-forward = {
enable = true;
tcpPorts."2022" = {
@ -32,7 +44,7 @@
clerie.chisel.enable = true;
networking.firewall.allowedTCPPorts = [ 443 ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [];
clerie.monitoring = {

View File

@ -19,7 +19,7 @@ in {
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.chisel}/bin/chisel server --port 443 --authfile /var/src/secrets/chisel/users.json";
ExecStart = "${pkgs.chisel}/bin/chisel server --host [::1] --port 3765 --authfile /var/src/secrets/chisel/users.json";
Restart = "always";
};
};