add nginx

author: Mike Vink <ivi@vinkies.net> 2024-01-09 01:52:12 +0100
committer: Mike Vink <ivi@vinkies.net> 2024-01-09 01:52:12 +0100
commit: a20ca17ece0f463bf62673c332d2f247b96faf39 (patch)
tree: 424ed8a1e8f020b667668cd6371f0b347393a261
parent: 2b922d62443b28e199b2bfa49f214f4e9b167947 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/profiles/homeserver/nginx.nix b/profiles/homeserver/nginx.nix
index cd847ba..293ae8d 100644
--- a/profiles/homeserver/nginx.nix
+++ b/profiles/homeserver/nginx.nix
@@ -4,6 +4,8 @@
     type = types.attrsOf (types.submodule ({ name, ... }: {
       config = mkIf (name != "default") {
         forceSSL = mkDefault true;
+        sslCertificateKey = "/var/lib/acme/vinkies.net/key.pem";
+        sslCertificate = "/var/lib/acme/vinkies.net/fullchain.pem";
       };
     }));
   };
@@ -15,7 +17,19 @@
       recommendedProxySettings = true;
       recommendedGzipSettings = true;
       recommendedOptimisation = true;
+      virtualHosts."cal.${ivi.domain}"  = {
+          locations."/" = {
+            proxyPass = "http://127.0.0.1:5232";
+          };
+      };
+    };
+    systemd.services.nginx.serviceConfig = {
+      SupplementaryGroups = [ "acme" ];
     };
     networking.firewall.allowedTCPPorts = [ 80 443 ];
+    services.radicale = {
+        enable = true;
+        settings.server.hosts = [ "0.0.0.0:5232" ];
+    };
   };
 }
author	Mike Vink <ivi@vinkies.net>	2024-01-09 01:52:12 +0100
committer	Mike Vink <ivi@vinkies.net>	2024-01-09 01:52:12 +0100
commit	a20ca17ece0f463bf62673c332d2f247b96faf39 (patch)
tree	424ed8a1e8f020b667668cd6371f0b347393a261
parent	2b922d62443b28e199b2bfa49f214f4e9b167947 (diff)