oqyude/nixos
1
0
Fork 0
mirror of https://github.com/oqyude/nixos.git synced 2026-06-15 06:30:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

point

Browse Source
This commit is contained in:
Jor Oqyude
2025-09-13 13:45:05 +03:00
parent 830d0cbecd
commit 869f85b74e
1 changed files with 27 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixosModules/vds/nginx.nix
+27 -6
View File
@@ -7,7 +7,12 @@ let
server = "100.64.0.0"; server = "100.64.0.0";
in in
{ {
users.users.nginx.extraGroups = [ "acme" ];
services = { services = {
certbot = {
enable = true;
agreeTerms = true;
};
nginx = { nginx = {
enable = true; enable = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
@@ -20,16 +25,26 @@ in
listen = [ listen = [
{ {
addr = "0.0.0.0"; addr = "0.0.0.0";
port = 8443; port = 80;
}
{
addr = "0.0.0.0";
port = 443;
ssl = true; ssl = true;
} }
]; ];
forceSSL = true; #forceSSL = true;
addSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations = {
proxyPass = "http://${server}:2283"; # Порт Immich "/" = {
proxyWebsockets = true; # Если Immich использует WebSockets proxyPass = "http://${server}:2283"; # Порт Immich
proxyWebsockets = true; # Если Immich использует WebSockets
};
}; };
# locations."/.well-known/acme-challenge" = {
# root = "/var/www/acme/acme-challenge";
# };
}; };
# "nextcloud.zeroq.ru" = { # "nextcloud.zeroq.ru" = {
# addSSL = true; # addSSL = true;
@@ -73,7 +88,13 @@ in
}; };
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = "oqyude@gmail.com"; defaults = {
email = "oqyude@gmail.com";
webroot = "/var/lib/acme/acme-challenge";
group = config.services.nginx.group;
server = "https://acme-staging-v02.api.letsencrypt.org/directory";
#listenHTTP = ":1360";
};
# certs."immich.zeroq.ru" = { # certs."immich.zeroq.ru" = {
# email = "go.bin043120@gmail.com"; # email = "go.bin043120@gmail.com";
# dnsProvider = "cloudflare"; # dnsProvider = "cloudflare";