nginx: force ssl

2024-12-27 21:50:05 -08:00 · 2024-12-27 21:50:05 -08:00 · 0eb63c5e9b
commit 0eb63c5e9b
parent de4f48353e
3 changed files with 3 additions and 5 deletions
--- a/modules/forgejo.nix
+++ b/modules/forgejo.nix
@ -13,8 +13,7 @@ in
    permafrost.nginx.enable = lib.mkDefault true;
    permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "git.zynh.me" ];
    services.nginx.virtualHosts."git.zynh.me" = {
-      # TODO: Force ssl
+      forceSSL = lib.mkIf ACMEEnabled true;
      # addSSL = true;
      serverName = "git.zynh.me";
      useACMEHost = lib.mkIf ACMEEnabled "permafrost";
      locations."/" = {
--- a/modules/foundry.nix
+++ b/modules/foundry.nix
@ -16,8 +16,7 @@ in
    {
      # permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "scarlet.zynh.me" ];
      services.nginx.virtualHosts."scarlet.zynh.me" = {
-        # TODO: Force ssl
+        forceSSL = lib.mkIf ACMEEnabled true;
        # addSSL = true;
        serverName = "scarlet.zynh.me";
        useACMEHost = lib.mkIf ACMEEnabled "permafrost";
        locations."/.well-known/acme-challenge" = {
--- a/modules/nyazoom.nix
+++ b/modules/nyazoom.nix
@ -27,9 +27,9 @@ in
    services.nginx.virtualHosts."nyazoom.zynh.me" = {
      # TODO: Force ssl
      # TODO: Force ssl
      # addSSL = true;
      serverName = "nyazoom.zynh.me";
      useACMEHost = lib.mkIf ACMEEnabled "permafrost";
      forceSSL = lib.mkIf ACMEEnabled true;
      locations."/" = {
        proxyPass = "http://localhost:3000";
        extraConfig = /* nginx */ ''