forked from Zynh0722/permafrost
51 lines
1.6 KiB
Nix
51 lines
1.6 KiB
Nix
{ lib, config, ... }:
|
|
|
|
let
|
|
cfg = config.permafrost.foundry;
|
|
ACMEEnabled = config.permafrost.nginx.enableACME;
|
|
in
|
|
{
|
|
options.permafrost.foundry = {
|
|
enable = lib.mkEnableOption "foundry nixos module";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable (lib.mkMerge [
|
|
{
|
|
permafrost.nginx.enable = lib.mkDefault true;
|
|
}
|
|
{
|
|
# permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "scarlet.zynh.me" ];
|
|
services.nginx.virtualHosts."scarlet.zynh.me" = {
|
|
forceSSL = lib.mkIf ACMEEnabled true;
|
|
serverName = "scarlet.zynh.me";
|
|
useACMEHost = lib.mkIf ACMEEnabled "permafrost";
|
|
locations."/.well-known/acme-challenge" = {
|
|
root = "/var/lib/acme/.challenges";
|
|
};
|
|
locations."/" = {
|
|
extraConfig = /* nginx */ ''
|
|
# Set proxy headers
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# These are important to support WebSockets
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
'';
|
|
proxyPass = "http://localhost:30000";
|
|
};
|
|
};
|
|
}
|
|
{
|
|
permafrost.nginx.certDomains = lib.mkIf ACMEEnabled [ "ddbimporter.zynh.me" ];
|
|
services.nginx.virtualHosts."ddbimporter.zynh.me" = {
|
|
# TODO: Force ssl
|
|
# addSSL = true;
|
|
useACMEHost = lib.mkIf ACMEEnabled "permafrost";
|
|
serverName = "ddbimporter.zynh.me";
|
|
locations."/".proxyPass = "http://localhost:3232";
|
|
};
|
|
}
|
|
]);
|
|
}
|