nginx uuu

2026-06-11 04:30:41 +03:00 · 2025-08-02 22:24:32 +03:00
parent e380852b65
commit 9d7972a5b3
1 changed files with 32 additions and 47 deletions
@@ -15,55 +15,40 @@
      recommendedTlsSettings = true;
      virtualHosts = {
        "immich.zeroq.ru" = {
-          listen = [
-            {
-              addr = "sapphira.laxta-platy.ts.net";
-              port = 2283;
-            }
-          ];
+          forceSSL = true; # Принудительный HTTPS
+          enableACME = true;
+          locations."/" = {
+            proxyPass = "http://sapphira.laxta-platy.ts.net:2283"; # Порт Immich
+            proxyWebsockets = true; # Если Immich использует WebSockets
+          };
+        };
+        "nextcloud.zeroq.ru" = {
+          forceSSL = true;
+          enableACME = true;
+          locations."/" = {
+            proxyPass = "http://sapphira.laxta-platy.ts.net:10000"; # Порт Nextcloud
+            proxyWebsockets = true;
+          };
+        };
+        "llm.zeroq.ru" = {
+          forceSSL = true;
+          enableACME = true;
+          locations."/" = {
+            proxyPass = "http://sapphira.laxta-platy.ts.net:11111"; # Порт Open WebUI
+            proxyWebsockets = true;
+          };
        };
-        # "vless-sub" = {
-
-        #   serverName = "${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net";
-        #   listen = [
-        #     {
-        #       addr = "0.0.0.0"; # Tailscale IP вашего VDS
-        #       port = 44444;
-        #       ssl = false;
-        #     }
-        #     {
-        #       addr = "0.0.0.0"; # Tailscale IP вашего VDS
-        #       port = 44443;
-        #       ssl = true;
-        #     }
-        #   ];
-        #   root = "${inputs.zeroq-credentials.paths.vless-subs.root}"; # "${inputs.zeroq-credentials}/services/xray/subs";
-        #   locations."/" = {
-        #     extraConfig = ''
-        #       if ($scheme = http) {
-        #         return 301 https://$host:44443$request_uri;
-        #       }
-        #     '';
-        #   };
-        #   enableACME = true;
-        #   forceSSL = true; # Принудительно HTTPS
-
-        # };
      };
    };
  };
-  # security.acme = {
-  #   acceptTerms = true;
-  #   defaults.email = "oqyude@gmail.com"; # Укажите ваш email
-  #   certs."${inputs.zeroq.devices.vds.hostname}.latxa-platy.ts.net" = {
-  #     dnsProvider = null; # Tailscale hostname не требует DNS-проверки, если используем HTTP-01
-  #     webroot = "/var/lib/acme/acme-challenge";
-  #     extraLegoFlags = [ "--http-01.port=80" ];
-  #   };
-  # };
-  # networking.firewall.allowedTCPPorts = [
-  #   44443
-  #   44444
-  #   80
-  # ];
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "oqyude@gmail.com";
+  };
+  networking.firewall.allowedTCPPorts = [
+    #44443
+    #44444
+    80
+    443
+  ];
 }