Spoutnik is now an nginx reverse-proxy

This commit is contained in:
ADRN 2021-11-28 19:20:36 +01:00
parent 2d8999b5d5
commit 3bb938c9a0
3 changed files with 39 additions and 0 deletions

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
notes/

View file

@ -24,5 +24,41 @@
ips = [ "10.42.0.2/16" ];
listenPort = 42136;
};
# Nginx configuration:
services.nginx = {
enable = true;
# Use recommended settings
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
# Add any further config to match your needs, e.g.:
virtualHosts = let
base = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
};
proxy = addr: port: base {
"/".proxyPass = "http://" + addr + ":" + toString(port);
};
in {
"axl.deuxfleurs.fr" = proxy "192.168.0.60" 80;
"warez.luxeylab.net" = proxy "192.168.0.50" 80;
};
};
# ACME:
security.acme = {
acceptTerms = true;
email = "adrien@luxeylab.net";
};
}

View file

@ -10,4 +10,6 @@
services.nomad.settings.datacenter = "pluton";
services.consul.extraConfig.bootstrap_expect = 1;
services.nomad.settings.server.bootstrap_expect = 1;
networking.firewall.allowedTCPPorts = [ 80 443 ];
}