123

2026-06-11 04:30:41 +03:00 · 2025-09-24 14:21:23 +03:00
parent 9a95052e4c
commit 3a3530ac20
1 changed files with 38 additions and 37 deletions
@@ -20,39 +20,33 @@ in
          forceSSL = true;
          enableACME = true;
          kTLS = true;
-          locations = {
+          locations."/" = {
-            "/mealie" = {
+            proxyPass = "http://${server}:6060";
-              proxyPass = "http://${server}:9000";
+            proxyWebsockets = true;
-              proxyWebsockets = true;
+          };
-            };
+          extraConfig = ''
-            "/memos" = {
+            client_max_body_size 5G;
-              proxyPass = "http://${server}:5230";
+          '';
-              proxyWebsockets = true;
+        };
-            };
+        "mealie.zeroq.ru" = {
-            "/trilium" = {
+          forceSSL = true;
-              proxyPass = "http://${server}:11000";
+          enableACME = true;
-              proxyWebsockets = true;
+          kTLS = true;
-            };
+          locations."/" = {
-            "/flux" = {
+            proxyPass = "http://${server}:9000";
-              proxyPass = "http://${server}:6061";
+            proxyWebsockets = true;
-              proxyWebsockets = true;
+          };
-            };
+          extraConfig = ''
-            "/calibre" = {
+            client_max_body_size 5G;
-              proxyPass = "http://${server}:8083";
+          '';
-              proxyWebsockets = true;
+        };
-            };
+        "flux.zeroq.ru" = {
-            "/pdf" = {
+          forceSSL = true;
-              proxyPass = "http://${server}:6060";
+          enableACME = true;
-              proxyWebsockets = true;
+          kTLS = true;
-            };
+          locations."/" = {
-            "/immich" = {
+            proxyPass = "http://${server}:6061";
-              proxyPass = "http://${server}:2283";
+            proxyWebsockets = true;
              proxyWebsockets = true;
            };
            "/nextcloud" = {
              proxyPass = "http://${server}:10000";
              proxyWebsockets = true;
            };
          };
          extraConfig = ''
            client_max_body_size 5G;
@@ -134,10 +128,17 @@ in
    acceptTerms = true;
    defaults = {
      email = "go.bin043120@gmail.com";
-      #webroot = "/var/lib/acme/acme-challenge";
+      certs."zeroq.ru" = {
-      #group = config.services.nginx.group;
+        # DNS challenge обязательно для wildcard
-      #server = "https://acme-staging-v02.api.letsencrypt.org/directory";
+        dnsProvider = "regru"; # нужен плагин acme.sh для REG.RU
-      #listenHTTP = ":1360";
+        # Подключаем креды
        credentials = {
          REGRU_USERNAME = inputs.zeroq-credentials.services.acme.username;
          REGRU_PASSWORD = inputs.zeroq-credentials.services.acme.password;
        };
        # wildcard домен
        identifiers = [ "*.zeroq.ru" "zeroq.ru" ];
      };
    };
  };
  networking.firewall.allowedTCPPorts = [