clerie/nixfiles
1
0
Fork 0
Code

hosts/porter: Put chisel behind nginx

Browse Source
This commit is contained in:
clerie 2022-09-28 22:47:52 +02:00
parent ac61842f29
commit b016e76f09
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/porter/configuration.nix
View File

@ -22,6 +22,18 @@
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
networking.nameservers = [ "46.38.255.230" "46.38.252.230" ]; networking.nameservers = [ "46.38.255.230" "46.38.252.230" ];
services.nginx.enable = true;
services.nginx.virtualHosts = {
"chisel.clerie.de" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyPass = "http://[::1]:3765";
proxyWebsockets = true;
};
};
};
clerie.nginx-port-forward = { clerie.nginx-port-forward = {
enable = true; enable = true;
tcpPorts."2022" = { tcpPorts."2022" = {
@ -32,7 +44,7 @@
clerie.chisel.enable = true; clerie.chisel.enable = true;
networking.firewall.allowedTCPPorts = [ 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = []; networking.firewall.allowedUDPPorts = [];
clerie.monitoring = { clerie.monitoring = {

2
modules/chisel/default.nix
View File

@ -19,7 +19,7 @@ in {
after = [ "network.target" ]; after = [ "network.target" ];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.chisel}/bin/chisel server --port 443 --authfile /var/src/secrets/chisel/users.json"; ExecStart = "${pkgs.chisel}/bin/chisel server --host [::1] --port 3765 --authfile /var/src/secrets/chisel/users.json";
Restart = "always"; Restart = "always";
}; };
}; };