90 lines
2.0 KiB
Nix
90 lines
2.0 KiB
Nix
{ config, pkgs, inputs, ... }:
|
|
|
|
{
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
gitweb = {
|
|
enable = true;
|
|
virtualHost = "git.tsvallender.co.uk";
|
|
location = "/web";
|
|
};
|
|
virtualHosts."git.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
virtualHosts."tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8000";
|
|
extraConfig =
|
|
"proxy_set_header X-Real-IP $remote_addr;" +
|
|
"proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;" +
|
|
"proxy_set_header X-Forwarded-Proto https;" +
|
|
"proxy_set_header X-Forwarded-Server $host;" +
|
|
"proxy_redirect off;"
|
|
;
|
|
};
|
|
};
|
|
|
|
# Syncthing
|
|
virtualHosts."syncthing.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8384";
|
|
};
|
|
};
|
|
|
|
# Miniflux
|
|
virtualHosts."feeds.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8080";
|
|
};
|
|
};
|
|
|
|
# Radicale
|
|
virtualHosts."cal.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:5232";
|
|
};
|
|
};
|
|
|
|
# Redmine
|
|
virtualHosts."redmine.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:3000";
|
|
};
|
|
};
|
|
# Wallabag
|
|
virtualHosts."wb.tsvallender.co.uk" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8485";
|
|
};
|
|
};
|
|
};
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults = {
|
|
email = "t+acme@tsvallender.co.uk";
|
|
};
|
|
};
|
|
}
|
|
|