bryan/nixos
0
0
Fork 0
mirror of https://github.com/itme-brain/nixos.git synced 2026-03-24 00:29:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

sshl

Browse source
This commit is contained in:
Bryan Ramos 2026-03-13 17:43:08 -04:00
parent 851a198428
commit 0a90e2f7b2
Signed by: bryan
GPG key ID: 6ABDCD144D6643C8
2 changed files with 21 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/system/modules/forgejo/default.nix
View file

@ -40,10 +40,14 @@ in
stateDir = "/var/lib/forgejo"; stateDir = "/var/lib/forgejo";
settings = { settings = {
service.REQUIRE_SIGNIN_VIEW = false;
server = { server = {
PROTOCOL = "http+unix"; PROTOCOL = "http+unix";
DOMAIN = "127.0.0.1"; DOMAIN = "git.ramos.codes";
HTTP_ADDR = "/run/forgejo/forgejo.sock"; HTTP_ADDR = "/run/forgejo/forgejo.sock";
SSH_DOMAIN = "git.ramos.codes";
SSH_PORT = 443;
START_SSH_SERVER = false;
}; };
}; };

15
src/system/modules/nginx/default.nix
View file

@ -54,6 +54,17 @@ in
}; };
}; };
services.sslh = {
enable = true;
settings = {
listen = [{ host = "0.0.0.0"; port = 443; }];
protocols = [
{ name = "ssh"; host = "127.0.0.1"; port = 22; probe = "builtin"; }
{ name = "tls"; host = "127.0.0.1"; port = 4443; probe = "builtin"; }
];
};
};
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts = virtualHosts =
@ -64,6 +75,10 @@ in
withSSL = hosts: mapAttrs (name: hostConfig: hostConfig // { withSSL = hosts: mapAttrs (name: hostConfig: hostConfig // {
inherit sslCertificate sslCertificateKey; inherit sslCertificate sslCertificateKey;
listen = [
{ addr = "127.0.0.1"; port = 4443; ssl = true; }
{ addr = "0.0.0.0"; port = 80; }
];
forceSSL = true; forceSSL = true;
}) hosts; }) hosts;