networkException/katzen-cafe
1
0
Fork 0
forked from katzen-cafe/katzen-cafe
Code Pull requests Activity

miau

Browse source
This commit is contained in:
Schrottkatze 2023-08-05 18:46:25 +02:00
parent 02a6440717
commit 4353c90e2b
11 changed files with 146 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

26
modules/proxy.nix
View file

@ -11,6 +11,10 @@
group = "nginx";
keyType = "rsa4096";
};
"miau.katzen.cafe" = {
group = "nginx";
keyType = "rsa4096";
};
"forge.katzen.cafe" = {
group = "nginx";
keyType = "rsa4096";
@ -47,6 +51,10 @@
group = "nginx";
keyType = "rsa4096";
};
"wolke.katzen.cafe" = {
group = "nginx";
keyType = "rsa4096";
};
# "prosody.katzen.cafe" = {
# group = "prosody";
# keyType = "rsa4096";
@ -70,6 +78,13 @@
statusPage = true;
virtualHosts = {
"miau.katzen.cafe" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/var/www/miau";
};
};
"_.katzen.cafe" = {
# Catchall vhost, will redirect users to HTTPS for all vhosts
serverAliases = [ "*.katzen.cafe" ];
@ -78,6 +93,7 @@
};
locations."/" = {
return = "301 https://$host$request_uri";
root = "/var/www/miau";
};
};
"grafana.katzen.cafe" = {
@ -151,6 +167,16 @@
proxyPass = "http://10.0.1.2";
};
};
"wolke.katzen.cafe" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://10.0.3.2";
};
extraConfig = ''
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
'';
};
"hc-vault.katzen.cafe" = {
forceSSL = true;
enableACME = true;