Spoutnik is now an nginx reverse-proxy
This commit is contained in:
parent
2d8999b5d5
commit
3bb938c9a0
3 changed files with 39 additions and 0 deletions
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
notes/
|
|
@ -24,5 +24,41 @@
|
||||||
ips = [ "10.42.0.2/16" ];
|
ips = [ "10.42.0.2/16" ];
|
||||||
listenPort = 42136;
|
listenPort = 42136;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Nginx configuration:
|
||||||
|
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
# Use recommended settings
|
||||||
|
recommendedGzipSettings = true;
|
||||||
|
recommendedOptimisation = true;
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
recommendedTlsSettings = true;
|
||||||
|
|
||||||
|
# Add any further config to match your needs, e.g.:
|
||||||
|
virtualHosts = let
|
||||||
|
base = locations: {
|
||||||
|
inherit locations;
|
||||||
|
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
};
|
||||||
|
proxy = addr: port: base {
|
||||||
|
"/".proxyPass = "http://" + addr + ":" + toString(port);
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
"axl.deuxfleurs.fr" = proxy "192.168.0.60" 80;
|
||||||
|
"warez.luxeylab.net" = proxy "192.168.0.50" 80;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# ACME:
|
||||||
|
|
||||||
|
security.acme = {
|
||||||
|
acceptTerms = true;
|
||||||
|
email = "adrien@luxeylab.net";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -10,4 +10,6 @@
|
||||||
services.nomad.settings.datacenter = "pluton";
|
services.nomad.settings.datacenter = "pluton";
|
||||||
services.consul.extraConfig.bootstrap_expect = 1;
|
services.consul.extraConfig.bootstrap_expect = 1;
|
||||||
services.nomad.settings.server.bootstrap_expect = 1;
|
services.nomad.settings.server.bootstrap_expect = 1;
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue