Compare commits
2 commits
6111ec165b
...
81e1574023
| Author | SHA1 | Date | |
|---|---|---|---|
|
81e1574023 | ||
|
|
f62fa502db |
5 changed files with 27 additions and 9 deletions
|
|
@ -1,4 +1,7 @@
|
||||||
|
|
||||||
try-again:
|
try-again:
|
||||||
nix flake update amarth-customer-portal
|
nix flake update amarth-customer-portal
|
||||||
nix flake check --all-systems --show-trace
|
nix flake check --all-systems --show-trace
|
||||||
|
|
||||||
|
update machine:
|
||||||
|
nixos-rebuild switch --use-remote-sudo --target-host {{ machine }} --flake .#{{ machine }}
|
||||||
|
|
@ -117,12 +117,12 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"auth.kruining.eu".extraConfig = ''
|
"auth.kruining.eu".extraConfig = ''
|
||||||
reverse_proxy h2c://127.0.0.1:9092
|
reverse_proxy h2c://::1:9092
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
(auth-z) {
|
(auth) {
|
||||||
forward_auth h2c://127.0.0.1:9092 {
|
forward_auth h2c://::1:9092 {
|
||||||
uri /api/authz/forward-auth
|
uri /api/authz/forward-auth
|
||||||
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
|
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
|
||||||
}
|
}
|
||||||
|
|
@ -130,6 +130,8 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
|
||||||
# Secrets
|
# Secrets
|
||||||
sops.secrets."zitadel/masterKey" = {
|
sops.secrets."zitadel/masterKey" = {
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ in
|
||||||
common = {
|
common = {
|
||||||
ring = {
|
ring = {
|
||||||
instance_addr = "127.0.0.1";
|
instance_addr = "127.0.0.1";
|
||||||
kvstore.store = "inmmemory";
|
kvstore.store = "inmemory";
|
||||||
};
|
};
|
||||||
replication_factor = 1;
|
replication_factor = 1;
|
||||||
path_prefix = "/tmp/loki";
|
path_prefix = "/tmp/loki";
|
||||||
|
|
|
||||||
|
|
@ -29,9 +29,11 @@ in
|
||||||
filename = "filename";
|
filename = "filename";
|
||||||
};
|
};
|
||||||
|
|
||||||
clients = {
|
clients = [
|
||||||
url = "http://127.0.0.1:3100/loki/api/v1/push";
|
{
|
||||||
};
|
url = "http://::1:9003/loki/api/v1/push";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
scrape_configs = [
|
scrape_configs = [
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -25,9 +25,20 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Expose amarht cloud stuff like this until I have a proper solution
|
||||||
|
services.caddy.virtualHosts = {
|
||||||
|
"auth.amarth.cloud".extraConfig = ''
|
||||||
|
reverse_proxy http://192.168.1.223:9092
|
||||||
|
'';
|
||||||
|
|
||||||
|
"amarth.cloud".extraConfig = ''
|
||||||
|
reverse_proxy http://192.168.1.223:8080
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
sneeuwvlok = {
|
sneeuwvlok = {
|
||||||
services = {
|
services = {
|
||||||
authentication.authelia.enable = true;
|
# authentication.authelia.enable = true;
|
||||||
authentication.zitadel.enable = true;
|
authentication.zitadel.enable = true;
|
||||||
|
|
||||||
communication.matrix.enable = true;
|
communication.matrix.enable = true;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue