motiejus/config
1
Fork 0
Code Packages Releases Activity

remove tls from hass

Browse Source
This commit is contained in:
Motiejus Jakštys 2024-08-02 16:32:04 +03:00
parent df212bdc8c
commit c440ee3043
1 changed files with 1 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
hosts/vno1-oh2/configuration.nix
View File

@ -172,7 +172,6 @@
zones = { zones = {
"irc.jakstys.lt".accountKey = accountKey; "irc.jakstys.lt".accountKey = accountKey;
"hdd.jakstys.lt".accountKey = accountKey; "hdd.jakstys.lt".accountKey = accountKey;
"hass.jakstys.lt".accountKey = accountKey;
"grafana.jakstys.lt".accountKey = accountKey; "grafana.jakstys.lt".accountKey = accountKey;
"bitwarden.jakstys.lt".accountKey = accountKey; "bitwarden.jakstys.lt".accountKey = accountKey;
}; };
@ -238,11 +237,10 @@
"git.jakstys.lt".extraConfig = ''reverse_proxy http://${ "git.jakstys.lt".extraConfig = ''reverse_proxy http://${
myData.hosts."fwminex.servers.jakst".vno1IP myData.hosts."fwminex.servers.jakst".vno1IP
}''; }'';
"hass.jakstys.lt".extraConfig = '' "hass.jakstys.lt:80".extraConfig = ''
@denied not remote_ip ${myData.subnets.tailscale.cidr} @denied not remote_ip ${myData.subnets.tailscale.cidr}
abort @denied abort @denied
reverse_proxy 127.0.0.1:8123 reverse_proxy 127.0.0.1:8123
tls {$CREDENTIALS_DIRECTORY}/hass.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/hass.jakstys.lt-key.pem
''; '';
"grafana.jakstys.lt".extraConfig = '' "grafana.jakstys.lt".extraConfig = ''
@denied not remote_ip ${myData.subnets.tailscale.cidr} @denied not remote_ip ${myData.subnets.tailscale.cidr}
@ -534,7 +532,6 @@
caddy = caddy =
let let
irc = config.mj.services.nsd-acme.zones."irc.jakstys.lt"; irc = config.mj.services.nsd-acme.zones."irc.jakstys.lt";
hass = config.mj.services.nsd-acme.zones."hass.jakstys.lt";
grafana = config.mj.services.nsd-acme.zones."grafana.jakstys.lt"; grafana = config.mj.services.nsd-acme.zones."grafana.jakstys.lt";
bitwarden = config.mj.services.nsd-acme.zones."bitwarden.jakstys.lt"; bitwarden = config.mj.services.nsd-acme.zones."bitwarden.jakstys.lt";
in in
@ -542,8 +539,6 @@
serviceConfig.LoadCredential = [ serviceConfig.LoadCredential = [
"irc.jakstys.lt-cert.pem:${irc.certFile}" "irc.jakstys.lt-cert.pem:${irc.certFile}"
"irc.jakstys.lt-key.pem:${irc.keyFile}" "irc.jakstys.lt-key.pem:${irc.keyFile}"
"hass.jakstys.lt-cert.pem:${hass.certFile}"
"hass.jakstys.lt-key.pem:${hass.keyFile}"
"grafana.jakstys.lt-cert.pem:${grafana.certFile}" "grafana.jakstys.lt-cert.pem:${grafana.certFile}"
"grafana.jakstys.lt-key.pem:${grafana.keyFile}" "grafana.jakstys.lt-key.pem:${grafana.keyFile}"
"bitwarden.jakstys.lt-cert.pem:${bitwarden.certFile}" "bitwarden.jakstys.lt-cert.pem:${bitwarden.certFile}"
@ -551,13 +546,11 @@
]; ];
after = [ after = [
"nsd-acme-irc.jakstys.lt.service" "nsd-acme-irc.jakstys.lt.service"
"nsd-acme-hass.jakstys.lt.service"
"nsd-acme-grafana.jakstys.lt.service" "nsd-acme-grafana.jakstys.lt.service"
"nsd-acme-bitwarden.jakstys.lt.service" "nsd-acme-bitwarden.jakstys.lt.service"
]; ];
requires = [ requires = [
"nsd-acme-irc.jakstys.lt.service" "nsd-acme-irc.jakstys.lt.service"
"nsd-acme-hass.jakstys.lt.service"
"nsd-acme-grafana.jakstys.lt.service" "nsd-acme-grafana.jakstys.lt.service"
"nsd-acme-bitwarden.jakstys.lt.service" "nsd-acme-bitwarden.jakstys.lt.service"
]; ];
@ -639,7 +632,6 @@
pathConfig = { pathConfig = {
PathChanged = [ PathChanged = [
config.mj.services.nsd-acme.zones."irc.jakstys.lt".certFile config.mj.services.nsd-acme.zones."irc.jakstys.lt".certFile
config.mj.services.nsd-acme.zones."hass.jakstys.lt".certFile
config.mj.services.nsd-acme.zones."grafana.jakstys.lt".certFile config.mj.services.nsd-acme.zones."grafana.jakstys.lt".certFile
config.mj.services.nsd-acme.zones."bitwarden.jakstys.lt".certFile config.mj.services.nsd-acme.zones."bitwarden.jakstys.lt".certFile
]; ];