diff --git a/machines/fuuko/services/media.nix b/machines/fuuko/services/media.nix index 5f460c5..e527cd5 100644 --- a/machines/fuuko/services/media.nix +++ b/machines/fuuko/services/media.nix @@ -8,6 +8,9 @@ sops.secrets.media-htpasswd.owner = "nginx"; services.nginx.virtualHosts."media.sbruder.de" = { + enableACME = true; + forceSSL = true; + basicAuthFile = config.sops.secrets.media-htpasswd.path; root = "/data/media/"; diff --git a/machines/fuuko/services/photoprism.nix b/machines/fuuko/services/photoprism.nix index 0d175d1..a9aa350 100644 --- a/machines/fuuko/services/photoprism.nix +++ b/machines/fuuko/services/photoprism.nix @@ -18,6 +18,9 @@ ]; services.nginx.virtualHosts."photoprism.sbruder.de" = { + enableACME = true; + forceSSL = true; + locations = { "/" = { proxyPass = "http://127.0.0.1:${toString config.services.photoprism.port}"; diff --git a/machines/fuuko/services/torrent.nix b/machines/fuuko/services/torrent.nix index d0bc5ac..870b3e5 100644 --- a/machines/fuuko/services/torrent.nix +++ b/machines/fuuko/services/torrent.nix @@ -15,11 +15,6 @@ in fqdn = "torrent.sbruder.de"; }; - services.nginx.virtualHosts."torrent.sbruder.de" = { - enableACME = false; - forceSSL = false; - }; - networking.nftables.ruleset = '' table inet qbittorrent { chain output { diff --git a/machines/vueko/configuration.nix b/machines/vueko/configuration.nix index f1bb296..6112306 100644 --- a/machines/vueko/configuration.nix +++ b/machines/vueko/configuration.nix @@ -9,7 +9,6 @@ ./hardware-configuration.nix ../../modules - ./services/fuuko-proxy.nix ./services/media.nix ./services/murmur.nix ./services/restic.nix diff --git a/machines/vueko/services/fuuko-proxy.nix b/machines/vueko/services/fuuko-proxy.nix deleted file mode 100644 index 9c6ad90..0000000 --- a/machines/vueko/services/fuuko-proxy.nix +++ /dev/null @@ -1,26 +0,0 @@ -# SPDX-FileCopyrightText: 2022-2023 Simon Bruder -# -# SPDX-License-Identifier: AGPL-3.0-or-later - -{ lib, ... }: - -{ - services.nginx.virtualHosts = builtins.listToAttrs (map - (fqdn: lib.nameValuePair fqdn { - enableACME = true; - forceSSL = true; - - locations."/" = { - extraConfig = '' - proxy_pass http://fuuko.vpn.sbruder.de/; - proxy_set_header Host ${fqdn}; - ''; - proxyWebsockets = true; - }; - }) - [ - "media.sbruder.de" - "photoprism.sbruder.de" - "torrent.sbruder.de" - ]); -}