forked from fediversity/fediversity
		
	Proxy Peertube behind Nginx
This commit is contained in:
		
							parent
							
								
									00382102ba
								
							
						
					
					
						commit
						9e234e7b2d
					
				
					 1 changed files with 9 additions and 2 deletions
				
			
		|  | @ -8,7 +8,7 @@ in | ||||||
| { config, lib, pkgs, ... }: | { config, lib, pkgs, ... }: | ||||||
| 
 | 
 | ||||||
| lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) { | lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) { | ||||||
|   networking.firewall.allowedTCPPorts = [ 80 9000 ]; |   networking.firewall.allowedTCPPorts = [ 80 443 ]; | ||||||
| 
 | 
 | ||||||
|   services.garage = { |   services.garage = { | ||||||
|     ensureBuckets = { |     ensureBuckets = { | ||||||
|  | @ -59,7 +59,6 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) { | ||||||
|     # TODO: in most of nixpkgs, these are true by default. upstream that unless there's a good reason not to. |     # TODO: in most of nixpkgs, these are true by default. upstream that unless there's a good reason not to. | ||||||
|     redis.createLocally = true; |     redis.createLocally = true; | ||||||
|     database.createLocally = true; |     database.createLocally = true; | ||||||
|     configureNginx = true; |  | ||||||
| 
 | 
 | ||||||
|     secrets.secretsFile = config.fediversity.temp.peertubeSecretsFile; |     secrets.secretsFile = config.fediversity.temp.peertubeSecretsFile; | ||||||
| 
 | 
 | ||||||
|  | @ -96,4 +95,12 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) { | ||||||
|     AWS_ACCESS_KEY_ID=${snakeoil_key.id} |     AWS_ACCESS_KEY_ID=${snakeoil_key.id} | ||||||
|     AWS_SECRET_ACCESS_KEY=${snakeoil_key.secret} |     AWS_SECRET_ACCESS_KEY=${snakeoil_key.secret} | ||||||
|   ''; |   ''; | ||||||
|  | 
 | ||||||
|  |   ## Proxying through Nginx | ||||||
|  | 
 | ||||||
|  |   services.peertube.configureNginx = true; | ||||||
|  |   services.nginx.virtualHosts.${config.services.peertube.localDomain} = { | ||||||
|  |     forceSSL = true; | ||||||
|  |     enableACME = true; | ||||||
|  |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		
		Reference in a new issue
	
	 Valentin Gagarin
							Valentin Gagarin