diff options
| author | Franck Cuny <franck@fcuny.net> | 2022-04-13 11:24:02 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2022-04-13 11:24:02 -0700 |
| commit | 1636706b98afceb1b073c25b52a904f267c61910 (patch) | |
| tree | 30a8943fc2473c8e568c09bf3e098664023cb998 /hosts/tahoe | |
| parent | fish: only start sway when sway is installed (diff) | |
| download | infra-1636706b98afceb1b073c25b52a904f267c61910.tar.gz | |
nginx: add nginx as a reverse proxy
This will ultimately replace traefik.
Diffstat (limited to 'hosts/tahoe')
| -rw-r--r-- | hosts/tahoe/services.nix | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index 75a6ee2..8846eae 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -18,7 +18,20 @@ in { stateDir = "/var/lib/gitea"; }; rclone = { enable = true; }; - traefik = { enable = true; }; + traefik = { enable = false; }; + nginx = { + enable = true; + acme = { credentialsFile = secrets."acme/dns-key".path; }; + sso = { + authKeyFile = secrets."sso/auth-key".path; + users = { + fcuny = { + passwordHashFile = secrets."sso/fcuny/password-hash".path; + }; + }; + groups = { root = [ "fcuny" ]; }; + }; + }; transmission = { enable = true; }; metrics-exporter = { enable = true; }; backup = { |