dotfiles/hosts/groceries/services/default.nix

39 lines
747 B
Nix
Raw Normal View History

{ config, ... }:
{
imports = [
./forgejo.nix
./sync
];
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
virtualHosts = {
"eriedaberrie.me" = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
serverAliases = [ "www.eriedaberrie.me" ];
locations."/".proxyPass = "http://127.0.0.1:8080/";
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "eriedaberrie@gmail.com";
certs = {
"eriedaberrie.me" = {
dnsProvider = "porkbun";
credentialsFile = config.age.secrets.porkbun-auth.path;
extraDomainNames = [
"www.eriedaberrie.me"
];
};
};
};
}