mirror of
https://forge.katzen.cafe/katzen-cafe/katzen-cafe.git
synced 2024-11-24 14:58:43 +01:00
miau
This commit is contained in:
parent
02a6440717
commit
4353c90e2b
|
@ -10,7 +10,7 @@ This is the repository for the NixOS configurations of the Katzen Café (Katzen
|
||||||
- [x] Penpot
|
- [x] Penpot
|
||||||
- [x] Forgejo
|
- [x] Forgejo
|
||||||
- [ ] Vault
|
- [ ] Vault
|
||||||
- [ ] Jitsi
|
- [x] Jitsi
|
||||||
- [x] Mumble
|
- [x] Mumble
|
||||||
- [ ] Nextcloud
|
- [ ] Nextcloud
|
||||||
- [ ] Karton
|
- [ ] Karton
|
||||||
|
|
24
flake.lock
24
flake.lock
|
@ -7,11 +7,11 @@
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1689948211,
|
"lastModified": 1690376079,
|
||||||
"narHash": "sha256-XVDDrerEzYucD6cL7nNW7dNfGhDnhfpB+rbuDvlaWrc=",
|
"narHash": "sha256-IJiajoljCMUGlp1bwT/loXs1B3RH2FXpLepnqvcPNEY=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "arion",
|
"repo": "arion",
|
||||||
"rev": "9ba47f9fbb8650158d9983e19b53206586be4382",
|
"rev": "f0436c8478d1b5530c115a6b1202c4478dfe2f81",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -44,11 +44,11 @@
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690660551,
|
"lastModified": 1690952814,
|
||||||
"narHash": "sha256-4F5dkDy52pLeP8Pnxz/rFzFx6ckL7bZkY0VazaEcr7U=",
|
"narHash": "sha256-Mv7zH8BIjtsUSsdgE8UvFdMvwJ+FXQAb5bHsJKzYHMM=",
|
||||||
"owner": "famedly",
|
"owner": "famedly",
|
||||||
"repo": "conduit",
|
"repo": "conduit",
|
||||||
"rev": "afd8112e25a86918c7f9ac657523698b2e0315f4",
|
"rev": "06ab707c79b58df2eca96add0f419755e3522bdf",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -361,11 +361,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgsUnstable": {
|
"nixpkgsUnstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690031011,
|
"lastModified": 1691006197,
|
||||||
"narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=",
|
"narHash": "sha256-DbtxVWPt+ZP5W0Usg7jAyTomIM//c3Jtfa59Ht7AV8s=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "12303c652b881435065a98729eb7278313041e49",
|
"rev": "66aedfd010204949cb225cf749be08cb13ce1813",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -425,11 +425,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_5": {
|
"nixpkgs_5": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1690148897,
|
"lastModified": 1690927903,
|
||||||
"narHash": "sha256-l/j/AX1d2K79EWslwgWR2+htkzCbtjKZsS5NbWXnhz4=",
|
"narHash": "sha256-D5gCaCROnjEKDOel//8TO/pOP87pAEtT0uT8X+0Bj/U=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ac1acba43b2f9db073943ff5ed883ce7e8a40a2c",
|
"rev": "bd836ac5e5a7358dea73cb74a013ca32864ccb86",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -13,23 +13,26 @@
|
||||||
#];
|
#];
|
||||||
#};
|
#};
|
||||||
#networking.useDHCP = lib.mkDefault true;
|
#networking.useDHCP = lib.mkDefault true;
|
||||||
|
systemd.services."NetworkManager-wait-oline".enable = false;
|
||||||
networking = {
|
networking = {
|
||||||
nameservers = [ "9.9.9.9" "149.112.112.112" ];
|
nameservers = [ "9.9.9.9" "149.112.112.112" ];
|
||||||
hostName = "katzen-cafe";
|
hostName = "katzen-cafe";
|
||||||
networkmanager = {
|
networkmanager = {
|
||||||
enable = true;
|
enable = true;
|
||||||
unmanaged = [ "interface-name:ve-phtanumb+" "interface-name:ve-katzenwiki" ];
|
unmanaged = [ "interface-name:ve-phtanumb+" "interface-name:ve-katzenwiki" "interface-name:ve-nextcloud" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
firewall.allowedTCPPorts = [ 22 80 443 ];
|
firewall.allowedTCPPorts = [ 22 80 443 ];
|
||||||
|
firewall.checkReversePath = false;
|
||||||
# firewall.allowedUDPPorts = [ 25568 25569 ];
|
# firewall.allowedUDPPorts = [ 25568 25569 ];
|
||||||
|
|
||||||
nat = {
|
nat = {
|
||||||
enable = true;
|
enable = true;
|
||||||
internalInterfaces = [ "ve-phtanumb+" "ve-katzenwiki" ];
|
internalInterfaces = [ "ve-phtanumb+" "ve-katzenwiki" "ve-nextcloud" ];
|
||||||
externalInterface = "enp1s0";
|
externalInterface = "enp1s0";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
interfaces."enp1s0" = {
|
interfaces."enp1s0" = {
|
||||||
ipv6.addresses = [{
|
ipv6.addresses = [{
|
||||||
address = "2a01:4f8:c17:c51f::";
|
address = "2a01:4f8:c17:c51f::";
|
||||||
|
|
|
@ -5,5 +5,6 @@
|
||||||
./phtanumb-wiki.nix
|
./phtanumb-wiki.nix
|
||||||
./calckey.nix
|
./calckey.nix
|
||||||
./penpot.nix
|
./penpot.nix
|
||||||
|
./nextcloud.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
database = {
|
database = {
|
||||||
type = "mysql";
|
type = "mysql";
|
||||||
};
|
};
|
||||||
virtualHost = {
|
httpd.virtualHost = {
|
||||||
hostName = "wiki.katzen.cafe";
|
hostName = "wiki.katzen.cafe";
|
||||||
adminAddr = "admin@katzen.cafe";
|
adminAddr = "admin@katzen.cafe";
|
||||||
listen = [
|
listen = [
|
||||||
|
|
64
modules/containers/nextcloud.nix
Normal file
64
modules/containers/nextcloud.nix
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
containers."nextcloud" = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostAddress = "10.0.3.1";
|
||||||
|
localAddress = "10.0.3.2";
|
||||||
|
bindMounts = {
|
||||||
|
"/var/lib/nextcloud" = {
|
||||||
|
hostPath = "/nextcloud/data";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/postgresql" = {
|
||||||
|
hostPath = "/nextcloud/db";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/secret" = {
|
||||||
|
hostPath = "/nextcloud/secret";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
config = { config, pkgs, ... }: {
|
||||||
|
networking.firewall.enable = false;
|
||||||
|
environment.etc."resolv.conf".text = "nameserver 9.9.9.9";
|
||||||
|
services.nextcloud = {
|
||||||
|
enable = true;
|
||||||
|
https = true;
|
||||||
|
config = {
|
||||||
|
dbtype = "pgsql";
|
||||||
|
dbhost = "/run/postgresql";
|
||||||
|
adminpassFile = "/var/secret/nextcloud-admin-pass";
|
||||||
|
trustedProxies = [ "10.0.3.1" ];
|
||||||
|
};
|
||||||
|
hostName = "wolke.katzen.cafe";
|
||||||
|
package = pkgs.nextcloud27;
|
||||||
|
extraApps = with config.services.nextcloud.package.packages.apps; {
|
||||||
|
inherit bookmarks calendar contacts;
|
||||||
|
user_oidc = pkgs.fetchNextcloudApp rec {
|
||||||
|
url = "https://github.com/nextcloud-releases/user_oidc/releases/download/v1.3.3/user_oidc-v1.3.3.tar.gz";
|
||||||
|
sha256 = "sha256-s8xr25a40/ot7KDv3Vn7WBm4Pb13LzzK62ZNYufXQ2w";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.postgresql = {
|
||||||
|
enable = true;
|
||||||
|
ensureDatabases = [ "nextcloud" ];
|
||||||
|
ensureUsers = [
|
||||||
|
{
|
||||||
|
name = "nextcloud";
|
||||||
|
ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
system.stateVersion = "23.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
deployment.keys = {
|
||||||
|
"nextcloud-admin-pass" = {
|
||||||
|
keyCommand = [ "cat" "/home/jade/keys-tmp/nextcloud-admin-pass" ];
|
||||||
|
destDir = "/nextcloud/secret";
|
||||||
|
permissions = "0604";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -15,7 +15,7 @@
|
||||||
depends_on = [ "penpot-postgres" "penpot-redis" ];
|
depends_on = [ "penpot-postgres" "penpot-redis" ];
|
||||||
networks = [ "penpot" ];
|
networks = [ "penpot" ];
|
||||||
environment = {
|
environment = {
|
||||||
"PENPOT_FLAGS" = "enable-registration disable-login disable-login-with-password enable-login-with-oidc";
|
"PENPOT_FLAGS" = "enable-registration disable-login disable-login-with-password enable-login-with-oidc enable-smtp";
|
||||||
"PENPOT_PREPL_HOST" = "0.0.0.0";
|
"PENPOT_PREPL_HOST" = "0.0.0.0";
|
||||||
|
|
||||||
"PENPOT_PUBLIC_URI" = "https://design.katzen.cafe";
|
"PENPOT_PUBLIC_URI" = "https://design.katzen.cafe";
|
||||||
|
@ -35,16 +35,15 @@
|
||||||
"PENPOT_OIDC_BASE_URI" = "https://auth.katzen.cafe/realms/katzen.cafe/";
|
"PENPOT_OIDC_BASE_URI" = "https://auth.katzen.cafe/realms/katzen.cafe/";
|
||||||
#"PENPOT_OIDC_" = "";
|
#"PENPOT_OIDC_" = "";
|
||||||
|
|
||||||
#"PENPOT_SMTP_DEFAULT_FROM" = "Penpot <noreply-pp@schrottkatze.de>";
|
"PENPOT_SMTP_DEFAULT_FROM" = "Penpot <noreply@katzen.cafe>";
|
||||||
#"PENPOT_SMTP_DEFAULT_REPLY_TO" = "Penpot <noreply-pp@schrottkatze.de>";
|
"PENPOT_SMTP_DEFAULT_REPLY_TO" = "Penpot <noreply@katzen.cafe>";
|
||||||
#"PENPOT_SMTP_HOST" = "smtp.migadu.com";
|
"PENPOT_SMTP_HOST" = "mail.katzen.cafe";
|
||||||
#"PENPOT_SMTP_PORT" = "587";
|
"PENPOT_SMTP_PORT" = "465";
|
||||||
#"PENPOT_SMTP_USERNAME" = "noreply-pp@schrottkatze.de";
|
"PENPOT_SMTP_USERNAME" = "noreply@katzen.cafe";
|
||||||
#"PENPOT_SMTP_PASSWORD" = "${builtins.readFile ../secret-data/penpot-smtp-pass}";
|
"PENPOT_SMTP_TLS" = "true";
|
||||||
#"PENPOT_SMTP_TLS" = "true";
|
# "PENPOT_SMTP_SSL" = "true";
|
||||||
#"PENPOT_SMTP_SSL" = "false";
|
|
||||||
};
|
};
|
||||||
env_file = [ "/penpot/secret/oidcPpSecret" ];
|
env_file = [ "/var/lib/secrets/penpot-secrets" ];
|
||||||
};
|
};
|
||||||
"penpot-frontend".service = {
|
"penpot-frontend".service = {
|
||||||
image = "penpotapp/frontend:latest";
|
image = "penpotapp/frontend:latest";
|
||||||
|
@ -84,9 +83,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
deployment.keys = {
|
deployment.keys = {
|
||||||
"oidcPpSecret" = {
|
"penpot-secrets" = {
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/penpot-keycloak-secret" ];
|
keyCommand = [ "cat" "/home/jade/keys-tmp/penpot-secrets" ];
|
||||||
destDir = "/penpot/secret/";
|
destDir = "/var/lib/secrets";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,25 +29,19 @@
|
||||||
};
|
};
|
||||||
mailer = {
|
mailer = {
|
||||||
ENABLED = true;
|
ENABLED = true;
|
||||||
FROM = "forge@noreply.katzen.cafe";
|
FROM = "noreply@katzen.cafe";
|
||||||
MAILER_TYPE = "smtp";
|
PROTOCOL = "smtps";
|
||||||
SMTP_ADDR = "mail.katzen.cafe";
|
SMTP_ADDR = "mail.katzen.cafe";
|
||||||
SMTP_PORT = 465;
|
SMTP_PORT = 465;
|
||||||
IS_TLS_ENABLED = true;
|
USER = "noreply@katzen.cafe";
|
||||||
USER = "forge@noreply.katzen.cafe";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
mailerPasswordFile = "/forgejo/secret/mailerPassword";
|
mailerPasswordFile = "/var/lib/secrets/noreply-mail-pw-plain";
|
||||||
};
|
};
|
||||||
deployment.keys = {
|
deployment.keys = {
|
||||||
"forgejoDbPw" = {
|
"noreply-mail-pw-plain" = {
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/forgejo-db-pw" ];
|
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-pw-plain" ];
|
||||||
destDir = "/forgejo/secret/";
|
destDir = "/var/lib/secrets";
|
||||||
permissions = "0604";
|
|
||||||
};
|
|
||||||
"mailerPassword" = {
|
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mailer-pw-forgejo" ];
|
|
||||||
destDir = "/forgejo/secret/";
|
|
||||||
permissions = "0604";
|
permissions = "0604";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -5,23 +5,14 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
fqdn = "mail.katzen.cafe";
|
fqdn = "mail.katzen.cafe";
|
||||||
sendingFqdn = "katzen.cafe";
|
sendingFqdn = "katzen.cafe";
|
||||||
domains = [ "katzen.cafe" "noreply.katzen.cafe" ];
|
domains = [ "katzen.cafe" ];
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"admin@katzen.cafe" = {
|
"admin@katzen.cafe" = {
|
||||||
hashedPasswordFile = "/var/lib/secrets/admin-mail-pw";
|
hashedPasswordFile = "/var/lib/secrets/admin-mail-pw";
|
||||||
aliases = [ "postmaster@katzen.cafe" "abuse@katzen.cafe" ];
|
aliases = [ "postmaster@katzen.cafe" "abuse@katzen.cafe" ];
|
||||||
};
|
};
|
||||||
"ck@noreply.katzen.cafe" = {
|
"noreply@katzen.cafe" = {
|
||||||
hashedPasswordFile = "/var/lib/secrets/noreply-mail-ck";
|
hashedPasswordFile = "/var/lib/secrets/noreply-mail-pw";
|
||||||
};
|
|
||||||
"forge@noreply.katzen.cafe" = {
|
|
||||||
hashedPasswordFile = "/var/lib/secrets/noreply-mail-forgejo";
|
|
||||||
};
|
|
||||||
"keycloak@noreply.katzen.cafe" = {
|
|
||||||
hashedPasswordFile = "/var/lib/secrets/noreply-mail-keycloak";
|
|
||||||
};
|
|
||||||
"penpot@noreply.katzen.cafe" = {
|
|
||||||
hashedPasswordFile = "/var/lib/secrets/noreply-mail-penpot";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
certificateScheme = "acme-nginx";
|
certificateScheme = "acme-nginx";
|
||||||
|
@ -31,20 +22,8 @@
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/admin-mail-pw" ];
|
keyCommand = [ "cat" "/home/jade/keys-tmp/admin-mail-pw" ];
|
||||||
destDir = "/var/lib/secrets";
|
destDir = "/var/lib/secrets";
|
||||||
};
|
};
|
||||||
"noreply-mail-ck" = {
|
"noreply-mail-pw" = {
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-ck" ];
|
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-pw" ];
|
||||||
destDir = "/var/lib/secrets";
|
|
||||||
};
|
|
||||||
"noreply-mail-forgejo" = {
|
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-forgejo" ];
|
|
||||||
destDir = "/var/lib/secrets";
|
|
||||||
};
|
|
||||||
"noreply-mail-keycloak" = {
|
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-keycloak" ];
|
|
||||||
destDir = "/var/lib/secrets";
|
|
||||||
};
|
|
||||||
"noreply-mail-penpot" = {
|
|
||||||
keyCommand = [ "cat" "/home/jade/keys-tmp/noreply-mail-penpot" ];
|
|
||||||
destDir = "/var/lib/secrets";
|
destDir = "/var/lib/secrets";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -5,14 +5,17 @@
|
||||||
exporters = {
|
exporters = {
|
||||||
node = {
|
node = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enabledCollectors = [ "systemd" ];
|
enabledCollectors = [ "systemd" "processes" ];
|
||||||
};
|
};
|
||||||
|
nginx = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
scrapeConfigs = [
|
scrapeConfigs = [
|
||||||
{
|
{
|
||||||
job_name = "katzencafe";
|
job_name = "katzencafe";
|
||||||
static_configs = [{
|
static_configs = [{
|
||||||
targets = [ "127.0.0.1:9100" ];
|
targets = [ "127.0.0.1:9100" "127.0.0.1:9113"];
|
||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -25,6 +28,13 @@
|
||||||
http_port = 2343;
|
http_port = 2343;
|
||||||
http_addr = "127.0.0.1";
|
http_addr = "127.0.0.1";
|
||||||
};
|
};
|
||||||
|
smtp = {
|
||||||
|
enabled = true;
|
||||||
|
user = "noreply@katzen.cafe";
|
||||||
|
password = "$__file{/var/lib/secrets/noreply-mail-pw-plain}";
|
||||||
|
host = "mail.katzen.cafe:465";
|
||||||
|
from_address = "noreply@katzen.cafe";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,10 @@
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
keyType = "rsa4096";
|
keyType = "rsa4096";
|
||||||
};
|
};
|
||||||
|
"miau.katzen.cafe" = {
|
||||||
|
group = "nginx";
|
||||||
|
keyType = "rsa4096";
|
||||||
|
};
|
||||||
"forge.katzen.cafe" = {
|
"forge.katzen.cafe" = {
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
keyType = "rsa4096";
|
keyType = "rsa4096";
|
||||||
|
@ -47,6 +51,10 @@
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
keyType = "rsa4096";
|
keyType = "rsa4096";
|
||||||
};
|
};
|
||||||
|
"wolke.katzen.cafe" = {
|
||||||
|
group = "nginx";
|
||||||
|
keyType = "rsa4096";
|
||||||
|
};
|
||||||
# "prosody.katzen.cafe" = {
|
# "prosody.katzen.cafe" = {
|
||||||
# group = "prosody";
|
# group = "prosody";
|
||||||
# keyType = "rsa4096";
|
# keyType = "rsa4096";
|
||||||
|
@ -70,6 +78,13 @@
|
||||||
statusPage = true;
|
statusPage = true;
|
||||||
|
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
|
"miau.katzen.cafe" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
root = "/var/www/miau";
|
||||||
|
};
|
||||||
|
};
|
||||||
"_.katzen.cafe" = {
|
"_.katzen.cafe" = {
|
||||||
# Catchall vhost, will redirect users to HTTPS for all vhosts
|
# Catchall vhost, will redirect users to HTTPS for all vhosts
|
||||||
serverAliases = [ "*.katzen.cafe" ];
|
serverAliases = [ "*.katzen.cafe" ];
|
||||||
|
@ -78,6 +93,7 @@
|
||||||
};
|
};
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
return = "301 https://$host$request_uri";
|
return = "301 https://$host$request_uri";
|
||||||
|
root = "/var/www/miau";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"grafana.katzen.cafe" = {
|
"grafana.katzen.cafe" = {
|
||||||
|
@ -151,6 +167,16 @@
|
||||||
proxyPass = "http://10.0.1.2";
|
proxyPass = "http://10.0.1.2";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
"wolke.katzen.cafe" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://10.0.3.2";
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||||
|
'';
|
||||||
|
};
|
||||||
"hc-vault.katzen.cafe" = {
|
"hc-vault.katzen.cafe" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
Loading…
Reference in a new issue