diff options
| author | polwex <polwex@sortug.com> | 2025-05-14 19:14:35 +0000 |
|---|---|---|
| committer | polwex <polwex@sortug.com> | 2025-05-14 19:14:35 +0000 |
| commit | bf6c3caf10952e96f389623a3107a151ce3b8c30 (patch) | |
| tree | b06c0f349628adbc9d1fc0026ff93d7f883ce51f /hosts/cloud/hetzner/nginx.nix | |
| parent | 6dcb4af2623174c4c52202c7ea064f40a35091ed (diff) | |
m
Diffstat (limited to 'hosts/cloud/hetzner/nginx.nix')
| -rw-r--r-- | hosts/cloud/hetzner/nginx.nix | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/hosts/cloud/hetzner/nginx.nix b/hosts/cloud/hetzner/nginx.nix new file mode 100644 index 0000000..4a6d708 --- /dev/null +++ b/hosts/cloud/hetzner/nginx.nix @@ -0,0 +1,29 @@ +{ + config, + pkgs, + ... +}: { + security.acme.acceptTerms = true; + security.acme.defaults.email = "security@urbit.cam"; + services.nginx = { + enable = true; + virtualHosts."u.urbit.cloud" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:8080"; + # proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header Forwarded $proxy_add_x_forwarded_for; + ''; + }; + extraConfig = '' + chunked_transfer_encoding off; + proxy_http_version 1.1; + proxy_buffering off; + proxy_cache off; + ''; + }; + }; +} |