diff options
Diffstat (limited to 'profiles/reverse-proxy.nix')
| -rw-r--r-- | profiles/reverse-proxy.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/profiles/reverse-proxy.nix b/profiles/reverse-proxy.nix index 45b42f5..8904561 100644 --- a/profiles/reverse-proxy.nix +++ b/profiles/reverse-proxy.nix @@ -2,6 +2,7 @@ pkgs, lib, config, + adminUser, ... }: let @@ -88,6 +89,23 @@ in acmeRoot = null; forceSSL = true; locations."/".proxyPass = "http://${httpHost}:8070"; + locations."/ssh.pub" = { + extraConfig = '' + add_header Content-Type "text/plain; charset=utf-8"; + add_header Content-Disposition "inline"; + add_header Cache-Control "public, max-age=3600"; + return 200 "${ + lib.concatStringsSep "\\n" ( + with adminUser.userinfo.sshPublicKeys; + [ + yubikey-personal-nano + yubikey-personal-keychain + yubikey-personal-backup + ] + ) + }\n"; + ''; + }; locations."/.well-known/webfinger" = { root = webfingerRoot; extraConfig = '' |