Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-30 08:40:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(gustave/nginx): listen on ipv6 port 80 for let's encrypt

Browse source
This commit is contained in:
Julien Malka 2024-11-25 19:03:22 +01:00
parent de0beedf32
commit a69a3ab91a
Signed by: Luj
GPG key ID: 6FC74C847011FD83
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
machines/gustave/pages.nix
View file

@ -38,9 +38,7 @@
settingsFile = config.age.secrets."pages-settings-file".path; settingsFile = config.age.secrets."pages-settings-file".path;
}; };
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [ 8447 ];
8447
];
luj.nginx.enable = true; luj.nginx.enable = true;
services.nginx = { services.nginx = {
@ -51,18 +49,25 @@
defaultListen = [ defaultListen = [
{ {
addr = "127.0.0.1"; addr = "0.0.0.0";
port = 8446; port = 8446;
ssl = true; ssl = true;
proxyProtocol = true; proxyProtocol = true;
} }
{ {
addr = "0.0.0.0"; addr = "0.0.0.0";
port = 80;
ssl = false;
}
{
addr = "[::]";
port = 80;
ssl = false; ssl = false;
} }
]; ];
streamConfig = '' streamConfig = ''
map $ssl_preread_server_name $sni_upstream { map $ssl_preread_server_name $sni_upstream {
hostnames; hostnames;
default 0.0.0.0:8010; default 0.0.0.0:8010;