Liberate nkagami.me domains from Cloudflare origin cert requirement
This commit is contained in:
parent
2aa0ee2023
commit
6eb0b818f1
5 changed files with 13 additions and 4 deletions
|
@ -35,11 +35,13 @@ in
|
|||
# traefik
|
||||
cloud.traefik.hosts.bitwarden = {
|
||||
inherit port host;
|
||||
noCloudflare = true;
|
||||
};
|
||||
cloud.traefik.hosts.bitwarden-notifications = {
|
||||
inherit host;
|
||||
port = notificationsPort;
|
||||
path = "/notifications/hub";
|
||||
noCloudflare = true;
|
||||
};
|
||||
# systemd unit
|
||||
systemd.services.bitwarden-server = {
|
||||
|
@ -73,6 +75,7 @@ in
|
|||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||
StateDirectory = "bitwarden-server";
|
||||
};
|
||||
requires = [ "postgresql.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -45,6 +45,10 @@ with lib;
|
|||
port = mkOption {
|
||||
type = types.int;
|
||||
};
|
||||
noCloudflare = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
};
|
||||
allow_registration = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
@ -145,7 +149,7 @@ with lib;
|
|||
config.cloud.traefik.hosts = mkIf cfg.enable (
|
||||
(lib.attrsets.mapAttrs'
|
||||
(name: instance: lib.attrsets.nameValuePair "conduit-${name}" ({
|
||||
inherit (instance) host port;
|
||||
inherit (instance) host port noCloudflare;
|
||||
}))
|
||||
cfg.instances)
|
||||
// (lib.attrsets.mapAttrs'
|
||||
|
|
|
@ -268,6 +268,7 @@ in
|
|||
cloud.traefik.hosts.maddy-mta-sts = {
|
||||
port = mtaStsPort;
|
||||
host = "mta-sts.nkagami.me";
|
||||
noCloudflare = true;
|
||||
};
|
||||
|
||||
# maddy itself
|
||||
|
|
|
@ -13,7 +13,6 @@ in
|
|||
};
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
default = "write.nkagami.me";
|
||||
description = "The hostname for the instance";
|
||||
};
|
||||
site.title = mkOption {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue