gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(access): login.local

Browse source
This commit is contained in:
arcnmx 2024-05-17 19:43:32 -07:00
parent 3099654a97
commit 5a5844cc08
2 changed files with 34 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

33
nixos/access/vouch.nix
View file

@ -41,26 +41,29 @@ in {
name.shortServer = mkDefault "login";
in {
vouch = {xvars, ...}: {
enable = mkDefault false;
inherit name locations;
serverAliases = [nginx.vouch.doubleProxy.serverName];
proxied.enable = true;
proxy = {
upstream = mkDefault "vouch'access";
};
};
vouch'access = {xvars, ...}: {
enable = mkDefault nginx.vouch.doubleProxy.enable;
serverName = nginx.vouch.doubleProxy.serverName;
proxied.enable = true;
#listen'.proxied.ssl = true;
proxy = {
copyFromVhost = "vouch";
host = mkDefault xvars.get.host;
};
local.denyGlobal = true;
ssl.cert.copyFromVhost = "vouch";
};
vouch'local = {xvars, ...}: {
name = {
inherit (name) shortServer;
includeTailscale = mkDefault false;
};
serverAliases = mkIf cfg.enable [nginx.vouch.doubleProxy.localServerName];
proxied.enable = true;
proxy = {
upstream = mkDefault "vouch'access'local";
host = mkDefault xvars.get.host;
};
proxy.upstream = mkDefault "vouch'access'local";
local.enable = true;
ssl = {
force = true;
@ -68,6 +71,18 @@ in {
};
inherit locations;
};
vouch'local'access = {xvars, ...}: {
enable = mkDefault nginx.vouch.doubleProxy.enable;
serverName = nginx.vouch.doubleProxy.localServerName;
proxied.enable = true;
#listen'.proxied.ssl = true;
proxy = {
copyFromVhost = "vouch'local";
host = mkDefault xvars.get.host;
};
ssl.cert.copyFromVhost = "vouch'local";
inherit locations;
};
vouch'tail = {xvars, ...}: {
enable = mkDefault (tailscale.enable && !nginx.virtualHosts.vouch'local.name.includeTailscale);
ssl.cert.copyFromVhost = "vouch'local";