vcp-bula-nixfiles/hosts/pre-router/nginx.nix

{ config, pkgs, ...}:

{

   networking.interfaces = {
      ens20 = {
        ipv4.addresses = [{
          address = "10.42.123.55";
          prefixLength = 24;
        }];
      };
   };


   networking.firewall.allowedTCPPorts = [ 80 443 ];
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "letsencrypt@entr0py.de";
   services.nginx = {
    enable = true;
    clientMaxBodySize = "400M";
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
   };
   services.nginx.virtualHosts."lightbuffet.entr0py.cloud" = {    # Gitea hostname
    enableACME = true; # Use ACME certs
    forceSSL = true; # Force SSL
    locations."/" = {
      proxyPass = "https://10.42.123.20:8006";
      proxyWebsockets = true;
    };
  };
}
feat: basic nix config structure 2022-07-07 11:15:52 +02:00			`{ config, pkgs, ...}:`

			`{`

			`networking.interfaces = {`
			`ens20 = {`
			`ipv4.addresses = [{`
			`address = "10.42.123.55";`
			`prefixLength = 24;`
			`}];`
			`};`
			`};`


			`networking.firewall.allowedTCPPorts = [ 80 443 ];`
			`security.acme.acceptTerms = true;`
			`security.acme.defaults.email = "letsencrypt@entr0py.de";`
			`services.nginx = {`
			`enable = true;`
			`clientMaxBodySize = "400M";`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
			`};`
			`services.nginx.virtualHosts."lightbuffet.entr0py.cloud" = { # Gitea hostname`
			`enableACME = true; # Use ACME certs`
			`forceSSL = true; # Force SSL`
			`locations."/" = {`
			`proxyPass = "https://10.42.123.20:8006";`
			`proxyWebsockets = true;`
			`};`
			`};`
			`}`