rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(web-servers): add SSL support

Browse source
This commit is contained in:
Mohammad Rafiq 2025-06-04 20:49:54 +08:00
parent 5ba9667f4e
commit 5dfec647b0
No known key found for this signature in database
1 changed files with 32 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

29
modules/nixos/server/web-servers/default.nix
View file

@ -9,11 +9,35 @@ in
}; };
}; };
config = lib.mkMerge [ config = lib.mkMerge [
{
security.acme = {
acceptTerms = true;
defaults.email = "rafiq@rrv.sh";
};
}
(lib.mkIf cfg.nginx.enable { (lib.mkIf cfg.nginx.enable {
networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowedTCPPorts = [
443
80
];
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts.${config.system.hostname} = { virtualHosts = {
"chat.bwfiq.com" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://helios:3080";
};
};
"il.bwfiq.com" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://helios:2283";
};
};
${config.system.hostname} = {
locations."/" = { locations."/" = {
return = "200 '<html><body>It works!</body></html'"; return = "200 '<html><body>It works!</body></html'";
extraConfig = '' extraConfig = ''
@ -22,6 +46,7 @@ in
}; };
}; };
}; };
};
}) })
]; ];
} }