mirror of
https://github.com/oqyude/nixos.git
synced 2026-06-11 04:30:41 +03:00
123
This commit is contained in:
Generated
+4
-4
@@ -544,11 +544,11 @@
|
|||||||
},
|
},
|
||||||
"zeroq-credentials": {
|
"zeroq-credentials": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1753364427,
|
"lastModified": 1753387589,
|
||||||
"narHash": "sha256-80qOUx/1DspR1RzdkUFxhaqvxfqcVDnbp3kAfq151tI=",
|
"narHash": "sha256-kJypMcuUJ6PRVrBQxQa7qYhPmyEDh14aZ8EMSLALhwA=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "36b8715d3aafab43fbec37855f7e8793d59bef29",
|
"rev": "5973e19fc796a3bb6124d6f44400da8dc8f3196b",
|
||||||
"revCount": 16,
|
"revCount": 18,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@github.com/oqyude/zeroq-credentials.git"
|
"url": "ssh://git@github.com/oqyude/zeroq-credentials.git"
|
||||||
},
|
},
|
||||||
|
|||||||
+34
-8
@@ -8,27 +8,53 @@
|
|||||||
{
|
{
|
||||||
services = {
|
services = {
|
||||||
nginx = {
|
nginx = {
|
||||||
enable = false;
|
enable = true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"localhost:10000" = {
|
"vless-sub" = {
|
||||||
forceSSL = false;
|
|
||||||
enableACME = false;
|
serverName = "${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net";
|
||||||
listen = [
|
listen = [
|
||||||
{
|
{
|
||||||
addr = "100.64.0.0";
|
addr = "${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net"; # Tailscale IP вашего VDS
|
||||||
port = 10000;
|
port = 44444;
|
||||||
|
ssl = false;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
addr = "192.168.1.20";
|
addr = "${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net"; # Tailscale IP вашего VDS
|
||||||
port = 10000;
|
port = 44443;
|
||||||
|
ssl = true;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
root = "${inputs.zeroq-credentials.paths.vless-subs.root}"; # "${inputs.zeroq-credentials}/services/xray/subs";
|
||||||
|
locations."/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
if ($scheme = http) {
|
||||||
|
return 301 https://$host:44443$request_uri;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true; # Принудительно HTTPS
|
||||||
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
security.acme = {
|
||||||
|
acceptTerms = true;
|
||||||
|
defaults.email = "oqyude@gmail.com"; # Укажите ваш email
|
||||||
|
certs."${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net" = {
|
||||||
|
dnsProvider = null; # Tailscale hostname не требует DNS-проверки, если используем HTTP-01
|
||||||
|
webroot = "/var/lib/acme/acme-challenge";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
44443
|
||||||
|
44444
|
||||||
|
80
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user