From 9753346efc025e8f6500adbc483e1c1339eea166 Mon Sep 17 00:00:00 2001 From: Alan Pearce Date: Thu, 27 Jun 2024 11:23:00 +0200 Subject: dev: enable testing acme clients and forwarding behaviour --- system/settings/dev.nix | 92 ++++++++++++++++++++++++++----------------------- 1 file changed, 48 insertions(+), 44 deletions(-) (limited to 'system/settings') diff --git a/system/settings/dev.nix b/system/settings/dev.nix index 8d246c15..7d2e6193 100644 --- a/system/settings/dev.nix +++ b/system/settings/dev.nix @@ -1,58 +1,62 @@ -{ config -, lib -, pkgs -, ... -}: { - networking = lib.mkIf pkgs.stdenv.isLinux { - hosts = { - "127.0.0.80" = [ "alanpearce.test" ]; - }; - }; +{ ... }: { services.caddy = { enable = true; - virtualHosts = { - "localhost" = { - extraConfig = '' + globalConfig = '' + auto_https disable_redirects + ''; + virtualHosts = + let + local_tls = '' tls { issuer internal { ca local } } - acme_server { - allow { - domains *.test - } - } ''; - }; - "alanpearce.test" = { - serverAliases = [ "alanpearce.localhost" ]; - extraConfig = '' - tls { - issuer internal { - ca local + in + { + "localhost" = { + logFormat = "output discard"; + extraConfig = '' + ${local_tls} + acme_server { + allow { + domains *.test *.localhost + } } - } - reverse_proxy http://alanpearce.test:3000 { - header_up Host alanpearce.test - transport http { - dial_timeout 1s - compression off + ''; + }; + # need to test forwarding behaviour + "https://alanpearce.localhost" = { + logFormat = "output discard"; + serverAliases = [ + "http://alanpearce.localhost" + + # remember to update /etc/hosts + "https://alanpearce.test" + "http://alanpearce.test" + ]; + extraConfig = '' + ${local_tls} + reverse_proxy http://alanpearce.test:8080 { + transport http { + dial_timeout 1s + compression off + } } - } - redir / https://alanpearce.test:8443 302 - ''; - }; - "searchix.localhost" = { - extraConfig = '' - reverse_proxy http://localhost:7331 { - transport http { - dial_timeout 1s - compression off + ''; + }; + "searchix.localhost" = { + logFormat = "output discard"; + extraConfig = '' + reverse_proxy http://localhost:7331 { + transport http { + dial_timeout 1s + compression off + } } - } - ''; + ''; + }; }; - }; }; } -- cgit 1.4.1