153 current 2025-10-09 12:27:20 25.05.20251006.20c4598 6.12.50 *

2025-10-09 12:36:39 -05:00
parent 7bd74aea43
commit 435d2154b8
8 changed files with 763 additions and 0 deletions
--- a/modules/homelab/services/bak/nginx-proxy/default.nix
+++ b/modules/homelab/services/bak/nginx-proxy/default.nix
@@ -0,0 +1,39 @@
+{ pkgs, config, lib, ... }:
+
+let
+  cfg = config.modules.homelab.nginx-proxy;
+in
+{
+  options.modules.homelab.nginx-proxy = {
+    enable = lib.mkEnableOption "enables nginx-proxy";
+  };
+
+  config = lib.mkIf cfg.enable {
+    # enable nginx proxy manager
+    services.nginx = {
+      enable = true;
+      recommendedProxySettings = true;
+      recommendedTlsSettings = true;
+    };
+    # enable acme for auto ssl certs with lets encrypt
+    security.acme = {
+      acceptTerms = true;
+      defaults.email = "me@blakedheld.xyz";
+    };
+
+    # nginx secrets
+    sops.secrets = {
+      "ssl_blakedheld_crt" = {
+        restartUnits = [ "nginx.service" ];
+        owner = "nginx";
+        group = "nginx";
+#        neededForUsers = true;
+      };
+      "ssl_blakedheld_key" = {
+        owner = "nginx";
+        group = "nginx";
+#        neededForUsers = true;
+      };
+    };
+  };
+}