50 lines
1.2 KiB
Nix
50 lines
1.2 KiB
Nix
{ ... }:
|
|
{
|
|
imports = [
|
|
./virtualHosts
|
|
];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
eventsConfig = ''
|
|
worker_connections 1024;
|
|
'';
|
|
|
|
appendConfig = ''
|
|
worker_processes auto;
|
|
|
|
stream {
|
|
map $ssl_preread_server_name $address {
|
|
anisync.grzb.de 127.0.0.1:8443;
|
|
birdsite.nekover.se 10.202.41.107:8443;
|
|
cloud.nekover.se 10.202.41.122:8443;
|
|
element.nekover.se 127.0.0.1:8443;
|
|
gameserver.grzb.de 127.0.0.1:8443;
|
|
git.grzb.de 127.0.0.1:8443;
|
|
git.nekover.se 10.202.41.106:8443;
|
|
hydra.nekover.se 10.202.41.121:8443;
|
|
id.nekover.se 10.202.41.124:8443;
|
|
matrix.nekover.se 10.202.41.112:8443;
|
|
mewtube.nekover.se 127.0.0.1:8443;
|
|
nekover.se 127.0.0.1:8443;
|
|
nix-cache.nekover.se 10.202.41.121:8443;
|
|
searx.nekover.se 10.202.41.105:8443;
|
|
social.nekover.se 10.202.41.104:8443;
|
|
}
|
|
server {
|
|
listen 0.0.0.0:443;
|
|
listen [::]:443;
|
|
proxy_pass $address;
|
|
ssl_preread on;
|
|
proxy_protocol on;
|
|
}
|
|
}
|
|
'';
|
|
|
|
appendHttpConfig = ''
|
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
|
'';
|
|
};
|
|
}
|