Compare commits
1 Commits
compare_br
...
working
| Author | SHA1 | Date | |
|---|---|---|---|
| f2386a851e |
@@ -216,7 +216,7 @@
|
|||||||
flags = "--performance";
|
flags = "--performance";
|
||||||
};
|
};
|
||||||
tailscale = {
|
tailscale = {
|
||||||
enable = false;
|
enable = true;
|
||||||
};
|
};
|
||||||
udisks = {
|
udisks = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
@@ -214,7 +214,7 @@
|
|||||||
flags = "--performance";
|
flags = "--performance";
|
||||||
};
|
};
|
||||||
tailscale = {
|
tailscale = {
|
||||||
enable = false;
|
enable = true;
|
||||||
};
|
};
|
||||||
udisks = {
|
udisks = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
@@ -54,14 +54,10 @@ in {
|
|||||||
authentikEnv = {
|
authentikEnv = {
|
||||||
file = "${self}/secrets/authentikEnv.age";
|
file = "${self}/secrets/authentikEnv.age";
|
||||||
owner = "authentik";
|
owner = "authentik";
|
||||||
group = "authentik";
|
|
||||||
mode = "0400";
|
|
||||||
};
|
};
|
||||||
authentikCloudflared = {
|
authentikCloudflared = {
|
||||||
file = "${self}/secrets/authentikCloudflared.age";
|
file = "${self}/secrets/authentikCloudflared.age";
|
||||||
owner = "authentik";
|
owner = "authentik";
|
||||||
group = "authentik";
|
|
||||||
mode = "0400";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -103,7 +99,7 @@ in {
|
|||||||
middlewares = {
|
middlewares = {
|
||||||
authentik = {
|
authentik = {
|
||||||
forwardAuth = {
|
forwardAuth = {
|
||||||
# tls.insecureSkipVerify = true;
|
tls.insecureSkipVerify = true;
|
||||||
address = "https://localhost:9443/outpost.goauthentik.io/auth/traefik";
|
address = "https://localhost:9443/outpost.goauthentik.io/auth/traefik";
|
||||||
trustForwardHeader = true;
|
trustForwardHeader = true;
|
||||||
authResponseHeaders = [
|
authResponseHeaders = [
|
||||||
@@ -119,7 +115,6 @@ in {
|
|||||||
"X-authentik-meta-app"
|
"X-authentik-meta-app"
|
||||||
"X-authentik-meta-version"
|
"X-authentik-meta-version"
|
||||||
];
|
];
|
||||||
timeout = "10s";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -4,18 +4,11 @@
|
|||||||
pkgs,
|
pkgs,
|
||||||
self,
|
self,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
let
|
inherit (lib) mkOption mkEnableOption mkIf types;
|
||||||
inherit (lib)
|
|
||||||
mkOption
|
|
||||||
mkEnableOption
|
|
||||||
mkIf
|
|
||||||
types
|
|
||||||
;
|
|
||||||
cfg = config.server.www;
|
cfg = config.server.www;
|
||||||
srv = config.server;
|
srv = config.server;
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
options.server.www = {
|
options.server.www = {
|
||||||
enable = mkEnableOption {
|
enable = mkEnableOption {
|
||||||
description = "Enable personal website";
|
description = "Enable personal website";
|
||||||
@@ -124,14 +117,14 @@ in
|
|||||||
|
|
||||||
services.traefik.dynamicConfigOptions.http = {
|
services.traefik.dynamicConfigOptions.http = {
|
||||||
routers.webfinger = {
|
routers.webfinger = {
|
||||||
entryPoints = [ "websecure" ];
|
entryPoints = ["websecure"];
|
||||||
rule = "Host(`${cfg.url}`) && Path(`/.well-known/webfinger`)";
|
rule = "Host(`${cfg.url}`) && Path(`/.well-known/webfinger`)";
|
||||||
service = "webfinger";
|
service = "webfinger";
|
||||||
tls.certResolver = "letsencrypt";
|
tls.certResolver = "letsencrypt";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.webfinger.loadBalancer.servers = [
|
services.webfinger.loadBalancer.servers = [
|
||||||
{ url = "http://127.0.0.1:8283"; }
|
{url = "http://127.0.0.1:8283";}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -11,7 +11,7 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
chromium = {
|
chromium = {
|
||||||
enable = false;
|
enable = true;
|
||||||
};
|
};
|
||||||
discord = {
|
discord = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user