Merge branch 'hetzner'

hi
author: polwex <polwex@sortug.com> 2025-05-17 07:22:02 +0000
committer: polwex <polwex@sortug.com> 2025-05-17 07:22:02 +0000
commit: bb5002c60d57600ecb812720106a88df80d07362 (patch)
tree: 94a9800ffcd46da579a784ace3dc5ac0c7e574f8 /hosts/cloud/hetzner/nginx.nix
parent: 6dcb4af2623174c4c52202c7ea064f40a35091ed (diff)
parent: f56280c419a9f6c3571739f615d31f7cdae95869 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/hosts/cloud/hetzner/nginx.nix b/hosts/cloud/hetzner/nginx.nix
new file mode 100644
index 0000000..4a6d708
--- /dev/null
+++ b/hosts/cloud/hetzner/nginx.nix
@@ -0,0 +1,29 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  security.acme.acceptTerms = true;
+  security.acme.defaults.email = "security@urbit.cam";
+  services.nginx = {
+    enable = true;
+    virtualHosts."u.urbit.cloud" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8080";
+        # proxyWebsockets = true; # needed if you need to use WebSocket
+        extraConfig = ''
+          proxy_set_header Host $host;
+          proxy_set_header Forwarded $proxy_add_x_forwarded_for;
+        '';
+      };
+      extraConfig = ''
+        chunked_transfer_encoding off;
+        proxy_http_version 1.1;
+        proxy_buffering off;
+        proxy_cache off;
+      '';
+    };
+  };
+}
author	polwex <polwex@sortug.com>	2025-05-17 07:22:02 +0000
committer	polwex <polwex@sortug.com>	2025-05-17 07:22:02 +0000
commit	bb5002c60d57600ecb812720106a88df80d07362 (patch)
tree	94a9800ffcd46da579a784ace3dc5ac0c7e574f8 /hosts/cloud/hetzner/nginx.nix
parent	6dcb4af2623174c4c52202c7ea064f40a35091ed (diff)
parent	f56280c419a9f6c3571739f615d31f7cdae95869 (diff)