summaryrefslogtreecommitdiffstats
path: root/krebs/2configs/wiki.nix
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/2configs/wiki.nix')
-rw-r--r--krebs/2configs/wiki.nix21
1 files changed, 13 insertions, 8 deletions
diff --git a/krebs/2configs/wiki.nix b/krebs/2configs/wiki.nix
index 9a18b8dff..40d946f7d 100644
--- a/krebs/2configs/wiki.nix
+++ b/krebs/2configs/wiki.nix
@@ -29,6 +29,7 @@ in
{
services.gollum = {
enable = true;
+ address = "::1";
extraConfig = ''
Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1|
system('${pushCgit}')
@@ -38,16 +39,20 @@ in
systemd.services.gollum.environment.LC_ALL = "en_US.UTF-8";
- networking.firewall.allowedTCPPorts = [ 80 ];
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ security.acme.certs."wiki.r".server = config.krebs.ssl.acmeURL;
services.nginx = {
enable = true;
- virtualHosts.wiki = {
- serverAliases = [ "wiki.r" "wiki.${config.networking.hostName}.r" ];
- locations."/".extraConfig = ''
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_pass http://127.0.0.1:${toString config.services.gollum.port};
- '';
+ virtualHosts."wiki.r" = {
+ enableACME = true;
+ addSSL = true;
+ locations."/" = {
+ proxyPass = "http://[::1]:${toString config.services.gollum.port}";
+ proxyWebsockets = true;
+ extraConfig = ''
+ proxy_set_header Host $host;
+ '';
+ };
};
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-02 21:14:07 +0000