diff options
author | Alan Pearce | 2024-06-27 01:21:32 +0200 |
---|---|---|
committer | Alan Pearce | 2024-06-27 01:21:32 +0200 |
commit | aaf13ed811404b1455bf9cd0551957fcdc58e587 (patch) | |
tree | f2eb542eb283acc1ce335480a28164ee1d570a82 /system | |
parent | a8b679b21cfe5c2812f618022d7d0254e112c8bf (diff) | |
download | nixfiles-aaf13ed811404b1455bf9cd0551957fcdc58e587.tar.lz nixfiles-aaf13ed811404b1455bf9cd0551957fcdc58e587.tar.zst nixfiles-aaf13ed811404b1455bf9cd0551957fcdc58e587.zip |
dev: allow website to use acme to provision own cert
Diffstat (limited to 'system')
-rw-r--r-- | system/settings/dev.nix | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/system/settings/dev.nix b/system/settings/dev.nix index e975c214..8d246c15 100644 --- a/system/settings/dev.nix +++ b/system/settings/dev.nix @@ -1,7 +1,13 @@ { config +, lib , pkgs , ... }: { + networking = lib.mkIf pkgs.stdenv.isLinux { + hosts = { + "127.0.0.80" = [ "alanpearce.test" ]; + }; + }; services.caddy = { enable = true; virtualHosts = { @@ -12,17 +18,29 @@ ca local } } - acme_server + acme_server { + allow { + domains *.test + } + } ''; }; - "alanpearce.localhost" = { + "alanpearce.test" = { + serverAliases = [ "alanpearce.localhost" ]; extraConfig = '' - reverse_proxy h2c://alanpearce.localhost:3000 { - transport http { - dial_timeout 1s - compression off - } + tls { + issuer internal { + ca local } + } + reverse_proxy http://alanpearce.test:3000 { + header_up Host alanpearce.test + transport http { + dial_timeout 1s + compression off + } + } + redir / https://alanpearce.test:8443 302 ''; }; "searchix.localhost" = { |