Browse Source

tunnels: Respect `phoebe.security.enable' like other services

This allows one to deploy to a virtual machine for testing.
master
Peter J. Jones 4 months ago
parent
commit
ea9e99d760
Signed by: Peter Jones <pjones@devalot.com> GPG Key ID: 9DAFAA8D01941E49
1 changed files with 3 additions and 3 deletions
  1. 3
    3
      modules/services/web/tunnels/default.nix

+ 3
- 3
modules/services/web/tunnels/default.nix View File

@@ -58,8 +58,8 @@ let
# Create an nginx virtual host for a tunnel account:
virtualHost = account: tunnel: {
"${tunnel.subdomain}.${cfg.hostName}" = {
forceSSL = true;
enableACME = true;
forceSSL = config.phoebe.security.enable;
enableACME = config.phoebe.security.enable;
root = "/var/empty";
locations."/".proxyPass = "http://127.0.0.1:${toString tunnel.serverPort}";
};
@@ -133,7 +133,7 @@ in
# Configure a web server to reverse proxy connections to SSH:
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedTlsSettings = config.phoebe.security.enable;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;

Loading…
Cancel
Save