diff --git a/config/hosts/keycloak/keycloak.nix b/config/hosts/keycloak/keycloak.nix index 2ae957b..e8e38c3 100644 --- a/config/hosts/keycloak/keycloak.nix +++ b/config/hosts/keycloak/keycloak.nix @@ -5,7 +5,7 @@ settings = { hostname = "https://id.nekover.se"; hostname-admin = "https://keycloak-admin.nekover.se"; - proxy-headers = "xforwarded"; + proxy-headers = "forwarded"; http-enabled = true; http-host = "127.0.0.1"; http-port = 8080; diff --git a/config/hosts/keycloak/nginx.nix b/config/hosts/keycloak/nginx.nix index c82597d..0c83ea0 100644 --- a/config/hosts/keycloak/nginx.nix +++ b/config/hosts/keycloak/nginx.nix @@ -41,13 +41,6 @@ proxy_buffer_size 128k; proxy_buffers 8 128k; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 443; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; # Hide the X-Forwarded header. proxy_hide_header X-Forwarded; # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that @@ -103,13 +96,6 @@ proxy_buffer_size 128k; proxy_buffers 8 128k; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Port 443; - # This is https in any case. - proxy_set_header X-Forwarded-Proto https; # Hide the X-Forwarded header. proxy_hide_header X-Forwarded; # Assume we are the only Reverse Proxy (well using Proxy Protocol, but that diff --git a/config/hosts/matrix/matrix-synapse.nix b/config/hosts/matrix/matrix-synapse.nix index 8d74f50..7f339bf 100644 --- a/config/hosts/matrix/matrix-synapse.nix +++ b/config/hosts/matrix/matrix-synapse.nix @@ -1,9 +1,5 @@ -{ pkgs, ... }: +{ ... }: { - environment.systemPackages = with pkgs; [ - matrix-authentication-service - syn2mas - ]; services.matrix-synapse = { enable = true; settings = {