chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

.
Some checks failed
Test action / kaas (push) Failing after 1s
Details

Browse source
This commit is contained in:
Chris Kruining 2026-03-23 12:36:32 +01:00
parent 478f26a9b8
commit 2bbbe03444
No known key found for this signature in database
GPG key ID: EB894A3560CCCAD2
4 changed files with 29 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -543,12 +543,12 @@ in
networking.caddy = {
hosts = {
"auth.kruining.eu" = ''
reverse_proxy h2c://::1:9092
reverse_proxy h2c://[::1]:9092
'';
};
extraConfig = ''
(auth) {
forward_auth h2c://::1:9092 {
forward_auth h2c://[::1]:9092 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}

4
modules/nixos/services/communication/matrix/default.nix
View file

@ -89,8 +89,8 @@ in {
'';
"${fqn}" = ''
reverse_proxy /_matrix/* http://::1:${toString port}
reverse_proxy /_synapse/client/* http://::1:${toString port}
reverse_proxy /_matrix/* http://[::1]:${toString port}
reverse_proxy /_synapse/client/* http://[::1]:${toString port}
'';
};
};

14
modules/nixos/services/networking/caddy/default.nix
View file

@ -10,6 +10,15 @@
cfg = config.${namespace}.services.networking.caddy;
hasHosts = (cfg.hosts |> attrNames |> length) > 0;
caddyBase = pkgs.callPackage "${pkgs.path}/pkgs/by-name/ca/caddy/package.nix" {
buildGo125Module = pkgs.buildGo126Module;
caddy = caddyBase;
};
caddyPackage =
caddyBase.withPlugins {
plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"];
hash = "sha256-pSXjLaZoRtKV3eFl2ySRSjl3yxi514G1Cb7pfrpxxtE=";
};
in {
options.${namespace}.services.networking.caddy = {
enable = mkEnableOption "enable caddy" // {default = true;};
@ -27,10 +36,7 @@ in {
services.caddy = {
enable = cfg.enable;
package = pkgs.caddy.withPlugins {
plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"];
hash = "sha256-pSXjLaZoRtKV3eFl2ySRSjl3yxi514G1Cb7pfrpxxtE=";
};
package = caddyPackage;
virtualHosts =
cfg.hosts

19
modules/nixos/services/observability/promtail/default.nix
View file

@ -1,11 +1,15 @@
{ pkgs, config, lib, namespace, ... }:
let
{
pkgs,
config,
lib,
namespace,
...
}: let
inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption;
cfg = config.${namespace}.services.observability.promtail;
in
{
in {
options.${namespace}.services.observability.promtail = {
enable = mkEnableOption "enable Grafana Promtail";
};
@ -31,7 +35,7 @@ in
clients = [
{
url = "http://::1:9003/loki/api/v1/push";
url = "http://[::1]:9003/loki/api/v1/push";
}
];
@ -46,7 +50,10 @@ in
};
};
relabel_configs = [
{ source_labels = [ "__journal__systemd_unit" ]; target_label = "unit"; }
{
source_labels = ["__journal__systemd_unit"];
target_label = "unit";
}
];
}
];