wip
parent
e01d144885
commit
07067a1dc5
|
@ -5,8 +5,10 @@ with lib;
|
|||
options.tinc = {
|
||||
private = {
|
||||
enable = mkEnableOption "private tinc setup";
|
||||
ipv4 = mkOption {
|
||||
ipv4 = mkOption { type = types.str; };
|
||||
subnet = mkOption {
|
||||
type = types.str;
|
||||
default = "10.23.42.0/24";
|
||||
};
|
||||
};
|
||||
secret = {
|
||||
|
|
|
@ -290,20 +290,20 @@ in
|
|||
|
||||
# curl -H "Host: transmission.robi.private" https://robi.private/ < will work
|
||||
# curl -H "Host: transmission.robi.private" https://144.76.13.147/ < wont work
|
||||
#services.nginx = {
|
||||
# enable = true;
|
||||
# recommendedProxySettings = true;
|
||||
# virtualHosts = {
|
||||
# "transmission.${config.networking.hostName}.private" = {
|
||||
# extraConfig = ''
|
||||
# allow ${config.module.cluster.services.tinc.private.networkSubnet};
|
||||
# deny all;
|
||||
# '';
|
||||
# locations."/" = {
|
||||
# proxyPass = "http://${containerAddress}:${toString uiPort}";
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
#};
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"transmission.${config.networking.hostName}.private" = {
|
||||
extraConfig = ''
|
||||
allow ${config.tinc.private.subnet};
|
||||
deny all;
|
||||
'';
|
||||
locations."/" = {
|
||||
proxyPass = "http://${containerAddress}:${toString uiPort}";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -168,20 +168,20 @@ in
|
|||
|
||||
# curl -H "Host: transmission.robi.private" https://robi.private/ < will work
|
||||
# curl -H "Host: transmission.robi.private" https://144.76.13.147/ < wont work
|
||||
#services.nginx = {
|
||||
# enable = true;
|
||||
# recommendedProxySettings = true;
|
||||
# virtualHosts = {
|
||||
# "transmission2.${config.networking.hostName}.private" = {
|
||||
# extraConfig = ''
|
||||
# allow ${config.module.cluster.services.tinc.private.networkSubnet};
|
||||
# deny all;
|
||||
# '';
|
||||
# locations."/" = {
|
||||
# proxyPass = "http://127.0.0.1:${toString uiPort}";
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
#};
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedProxySettings = true;
|
||||
virtualHosts = {
|
||||
"transmission2.${config.networking.hostName}.private" = {
|
||||
extraConfig = ''
|
||||
allow ${config.tinc.private.subnet};
|
||||
deny all;
|
||||
'';
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString uiPort}";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue