From 9ba79879219e68823c7be7b61c861068fabc6da7 Mon Sep 17 00:00:00 2001 From: blake Date: Tue, 7 Oct 2025 23:28:01 -0500 Subject: [PATCH] 70 current 2025-10-07 23:21:50 25.05.20251001.5b5be50 6.12.49 * --- flake.nix | 2 +- modules/homelab/services/gitea/default.nix | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.nix b/flake.nix index 26f85f7..b095710 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ # flake for blakes nixos config # define new devices in outputs -# generation: 69 current 2025-10-07 23:14:40 25.05.20251001.5b5be50 6.12.49 * +# generation: 70 current 2025-10-07 23:21:50 25.05.20251001.5b5be50 6.12.49 * { description = "blakes nix config"; inputs = { diff --git a/modules/homelab/services/gitea/default.nix b/modules/homelab/services/gitea/default.nix index a9fe516..ffd0d96 100644 --- a/modules/homelab/services/gitea/default.nix +++ b/modules/homelab/services/gitea/default.nix @@ -73,7 +73,7 @@ in networking.firewall.allowedTCPPorts = [ cfg.port cfg.ssh_port ]; # internal reverse proxy entry - services.nginx.virtualHosts."gitea.snowbelle.lan" = { + services.nginx.virtualHosts."git.snowbelle.lan" = { enableACME = false; forceSSL = true; sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; @@ -83,11 +83,11 @@ in }; }; # external reverse proxy entry - services.nginx.virtualHosts."gitea.blakedheld.xyz" = { - enableACME = false; + services.nginx.virtualHosts."git.blakedheld.xyz" = { + enableACME = true; forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; +# sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; +# sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; locations."/" = { proxyPass = "http://127.0.0.1:${toString cfg.port}"; };