mirror of
https://github.com/srid/nixos-config.git
synced 2025-12-26 15:04:59 +08:00
30 lines
756 B
Nix
30 lines
756 B
Nix
# Configuration for the VPS running nginx reverse proxy
|
|
{ flake, pkgs, lib, webapps, ... }:
|
|
|
|
let
|
|
host = "pureintent"; # See host.nix
|
|
webapps = import ./. { inherit flake; system = pkgs.stdenv.hostPlatform.system; };
|
|
in
|
|
{
|
|
services.tailscale.enable = true;
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
virtualHosts = lib.mapAttrs'
|
|
(name: v: lib.nameValuePair v.domain {
|
|
locations."/".proxyPass = "http://${host}:${builtins.toString v.port}";
|
|
enableACME = true;
|
|
addSSL = true;
|
|
})
|
|
webapps;
|
|
};
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "srid@srid.ca";
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
|
|
}
|