blake/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

28 current 2025-10-07 15:30:08 25.05.20251001.5b5be50 6.12.49 *

Browse Source
This commit is contained in:
blake
2025-10-07 15:46:39 -05:00
parent 49079aa26f
commit 0532a731e5
3 changed files with 34 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
modules/homelab/services/default.nix.template
View File

@@ -55,19 +55,30 @@ in
systemd.services.<service_name>.serviceConfig = { UMask = lib.mkForce "0007"; };
# # open firewall
# networking.firewall.allowedTCPPorts = [ port ];
# networking.firewall.allowedTCPPorts = [ cfg.port ];
# reverse proxy entryo
# internal reverse proxy entry
services.nginx.virtualHosts."<service_name>.snowbelle.lan" = {
enableACME = false;
forceSSL = true;
sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path;
sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString port}";
proxyPass = "http://127.0.0.1:${toString cfg.port}";
};
# external reverse proxy entry
services.nginx.virtualHosts."<service_name>.blakedheld.xyz" = {
enableACME = false;
forceSSL = true;
sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path;
sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
};
};
};
# add to backups
modules.system.backups.paths = lib.mkIf cfg.backup [ data_dir ];
};