vps1: add outline service
All checks were successful
Check flake / build-amd64-linux (push) Successful in 4m20s
All checks were successful
Check flake / build-amd64-linux (push) Successful in 4m20s
This commit is contained in:
parent
48386a44c5
commit
bdefd4523a
GPG Key ID:
B8CFFF61F1CCF520
8
flake.lock
generated
8
flake.lock
generated
@ -688,11 +688,11 @@
|
|||||||
"secrets": {
|
"secrets": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1730732927,
|
"lastModified": 1740407512,
|
||||||
"narHash": "sha256-t3MTEgi6O7DMxMjdi3xcTAztLDQmEtqQ+oU+ZbWz2AI=",
|
"narHash": "sha256-Hy+8DoWLZUFfls5XwaMGPDOck2dDKyIrEgo9T+AkjjU=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "4ae2ac777c38f60a29384b70c456f41847cdf1b5",
|
"rev": "4e69a52227a61bf4bfbfd9b781bef4bf1fa0bd2b",
|
||||||
"revCount": 28,
|
"revCount": 29,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
|
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
|
||||||
},
|
},
|
||||||
|
|||||||
@ -2,6 +2,7 @@
|
|||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
|
self,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
|
||||||
@ -11,7 +12,10 @@
|
|||||||
../server.nix
|
../server.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.hostPlatform = "x86_64-linux";
|
nixpkgs = {
|
||||||
|
hostPlatform = "x86_64-linux";
|
||||||
|
config.allowUnfree = true;
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostId = "08bf6db3";
|
hostId = "08bf6db3";
|
||||||
@ -86,6 +90,45 @@
|
|||||||
proxyPass = "https://127.0.0.1:3013";
|
proxyPass = "https://127.0.0.1:3013";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
"outline.vimium.com" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:3000";
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "Upgrade";
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Scheme $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_redirect off;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."passwords/services/outline/oidc-client-secret" = {
|
||||||
|
file = "${self.inputs.secrets}/passwords/services/outline/oidc-client-secret.age";
|
||||||
|
owner = "outline";
|
||||||
|
group = "outline";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.outline = {
|
||||||
|
enable = true;
|
||||||
|
forceHttps = false;
|
||||||
|
oidcAuthentication = {
|
||||||
|
clientId = "outline";
|
||||||
|
clientSecretFile = config.age.secrets."passwords/services/outline/oidc-client-secret".path;
|
||||||
|
displayName = "Vimium";
|
||||||
|
authUrl = "https://auth.vimium.com/ui/oauth2";
|
||||||
|
tokenUrl = "https://auth.vimium.com/oauth2/token";
|
||||||
|
userinfoUrl = "https://auth.vimium.com/oauth2/openid/outline/userinfo";
|
||||||
|
};
|
||||||
|
publicUrl = "https://outline.vimium.com";
|
||||||
|
storage.storageType = "local";
|
||||||
};
|
};
|
||||||
|
|
||||||
modules = rec {
|
modules = rec {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user