30 lines
823 B
Nix
30 lines
823 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
security.acme.email = "malte.tammena@pm.me";
|
|
security.acme.acceptTerms = true;
|
|
|
|
networking.firewall.allowedTCPPorts = [ 443 80 ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
# # other Nginx options
|
|
# virtualHosts."example.com" = {
|
|
# enableACME = true;
|
|
# forceSSL = true;
|
|
# locations."/" = {
|
|
# proxyPass = "https://127.0.0.1:12345";
|
|
# proxyWebsockets = true; # needed if you need to use WebSocket
|
|
# extraConfig =
|
|
# # required when the target is also TLS server with multiple hosts
|
|
# "proxy_ssl_server_name on;" +
|
|
# # required when the server wants to use HTTP Authentication
|
|
# "proxy_pass_header Authorization;";
|
|
# };
|
|
# };
|
|
};
|
|
|
|
}
|