efim
/
planning-poker-gwargh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: efim:e4edffd69f0e53fac865c2dea5c446833b44b777
Branches Tags
efim:master
..
compare: efim:fe9794a796d674366f566e798cad6f81ee0ac148
Branches Tags
efim:master

No commits in common. "e4edffd69f0e53fac865c2dea5c446833b44b777" and "fe9794a796d674366f566e798cad6f81ee0ac148" have entirely different histories.
e4edffd69f ... fe9794a796

1 changed files with 7 additions and 12 deletions
Show Stats Expand all files Collapse all files

19
flake.nix
View File

@ -72,12 +72,6 @@
default = true;
description = "Whether to use Nginx to proxy requests.";
};
useHostTls = lib.mkOption {
type = lib.types.bool;
default = false;
description =
"Whether virtual host should enable NixOS ACME certs";
};
};
config.users = lib.mkIf cfg.enable {
groups."${backendName}" = { };
@ -105,22 +99,23 @@
Group = "${backendName}";
};
};
config.services.nginx.virtualHosts.${cfg.host} = {
forceSSL = cfg.useHostTls;
enableACME = cfg.useHostTls;
locations."/api" = lib.mkIf cfg.enable {
config.services.nginx.virtualHosts.${cfg.host}.locations."/api" =
lib.mkIf cfg.enable {
proxyPass = "http://127.0.0.1:${toString cfg.port}";
# this is config for websocket
proxyWebsockets = true;
extraConfig = ''
rewrite ^/api/(.*)$ /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Add the following lines for WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
};
};
};
});
# see https://serokell.io/blog/practical-nix-flakes