foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-01-31 10:58:02 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

hosts/plover: update Keycloak reverse proxy config

Browse Source 
Now that a tunneling service is here, there's not much need to expose
the whole thing.
This commit is contained in:
Gabriel Arazas 2023-01-18 20:20:12 +08:00
parent 9a941dc543
commit ceb821f2c0
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
hosts/plover/modules/services/keycloak.nix
View File

@ -69,9 +69,15 @@ in
services.nginx.virtualHosts."${authDomain}" = { services.nginx.virtualHosts."${authDomain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}"; # This is based from the reverse proxy guide from the official
}; # documentation at https://www.keycloak.org/server/reverseproxy.
locations = let
keycloakPath = path: "http://localhost:${toString config.services.keycloak.settings.http-port}";
in
lib.listToAttrs
(appPath: lib.nameValuePair appPath { proxyPass = keycloakPath appPath; })
[ "/js/" "/realms/" "/resources/" "/robots.txt" ];
}; };
# Configuring fail2ban for this services which is only present as a neat # Configuring fail2ban for this services which is only present as a neat