nix-config/modules/containers/nginx.nix

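{
  inputs,
  outputs,
  lib,
  config,
  pkgs,
  ...
}: let
  inherit (lib) mkEnableOption mkIf mkOption types;
  cfg = config.horseman.containers.nginx;
  forgejoCfg = config.horseman.containers.forgejo;
  vaultwardenCfg = config.horseman.containers.vaultwarden;
in {
  # Host-level reverse proxy: serves two static sites and fronts the forgejo
  # and vaultwarden containers over HTTPS (ACME certificates per vhost), plus
  # a raw TCP passthrough for forgejo's SSH port.
  options = {
    horseman.containers.nginx = {
      enable = mkEnableOption "nginx container";
      # Base domain; every virtual host below is this name or a subdomain of it.
      domain = mkOption {
        type = types.str;
        default = "koendev.nl";
      };
    };
  };

  config = mkIf cfg.enable {
    security.acme = {
      acceptTerms = true;
      defaults.email = "koen.de.ruiter@hotmail.com";
    };

    # NOTE(review): only fail2ban's default jails are enabled here; nothing
    # below adds a jail for nginx or the proxied apps.
    services.fail2ban.enable = true;

    services.nginx = {
      enable = true;
      # Hardened TLS defaults (modern protocol/cipher set, OCSP stapling,
      # session settings) rather than nginx's built-in defaults.
      recommendedTlsSettings = true;
      # Forward Host / X-Real-IP / X-Forwarded-* to the proxied containers.
      # Without these, forgejo and vaultwarden see every request as coming
      # from the container gateway, so their own login-attempt logging and
      # rate limiting (and any jail fed from those logs) act on the wrong IP.
      recommendedProxySettings = true;

      # Raw TCP passthrough for git-over-SSH into the forgejo container.
      # Binds on all interfaces; the port is opened in the firewall below.
      streamConfig = ''
        server {
          listen ${toString forgejoCfg.sshPort};
          proxy_pass ${config.containers.forgejo.localAddress}:${toString forgejoCfg.sshPort};
        }
      '';

      virtualHosts = {
        # Catch-all vhost: any Host/SNI not matched below is served from here.
        "${cfg.domain}" = {
          forceSSL = true;
          enableACME = true;
          root = "/var/www/portfolio";
          default = true;
          extraConfig = ''
            error_page 404 /404.html;
          '';
        };
        "public.${cfg.domain}" = {
          forceSSL = true;
          enableACME = true;
          root = "/var/www/public";
        };
        "git.${cfg.domain}" = {
          forceSSL = true;
          enableACME = true;
          locations."/" = {
            proxyPass = "http://${config.containers.forgejo.localAddress}:${toString forgejoCfg.port}";
          };
        };
        "vault.${cfg.domain}" = {
          forceSSL = true;
          enableACME = true;
          # Password-manager endpoint: forceSSL only redirects, so also tell
          # clients never to fall back to plain HTTP once seen over TLS.
          extraConfig = ''
            add_header Strict-Transport-Security "max-age=31536000" always;
          '';
          locations."/" = {
            proxyPass = "http://${config.containers.vaultwarden.localAddress}:${toString vaultwardenCfg.port}";
            # Vaultwarden clients keep a WebSocket open for live sync (served
            # on this same port in current upstream releases — confirm for the
            # deployed version); without Upgrade/Connection forwarding those
            # connections fail and clients only sync on manual refresh.
            proxyWebsockets = true;
          };
        };
      };
    };

    networking.firewall = {
      enable = true;
      # 80 is required for the ACME HTTP-01 challenge and the HTTPS redirect;
      # the forgejo SSH port is the stream passthrough above.
      allowedTCPPorts = [80 443 forgejoCfg.sshPort];
    };
  };
}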