forked from CCCHH/nix-infra
June
e88982d7c7
Give the host a static v4 as well. Also let the nginx redirect from the hosts FQDN to the service domain.
73 lines
1.5 KiB
Nix
73 lines
1.5 KiB
Nix
{ config, ... }:
|
|
|
|
{
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
virtualHosts = {
|
|
"esphome.ccchh.net" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
serverName = "esphome.ccchh.net";
|
|
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
{
|
|
addr = "[::]";
|
|
port = 80;
|
|
}
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
{
|
|
addr = "[::]";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
];
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://${config.services.esphome.address}:${builtins.toString config.services.esphome.port}";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
"esphome.z9.ccchh.net" = {
|
|
forceSSL = true;
|
|
useACMEHost = "esphome.ccchh.net";
|
|
serverName = "esphome.z9.ccchh.net";
|
|
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
{
|
|
addr = "[::]";
|
|
port = 80;
|
|
}
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
{
|
|
addr = "[::]";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
];
|
|
|
|
globalRedirect = "esphome.ccchh.net";
|
|
redirectCode = 307;
|
|
};
|
|
};
|
|
};
|
|
security.acme.certs."esphome.ccchh.net".extraDomainNames = [ "esphome.z9.ccchh.net" ];
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
}
|