TFC/tfc-nixos
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

grrrrrrr

Browse source
This commit is contained in:
Chris Cochrun 2025-05-17 23:12:32 -05:00
parent 0eb8c89d56
commit f66458041d
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/keycloak.nix
View file

@ -12,7 +12,7 @@ with lib;
settings = {
hostname = dn;
http-port = 8787;
https-port = 8788;
# https-port = 8788;
http-enabled = true;
hostname-strict-https = false;
proxy-headers = "forwarded";
@ -20,12 +20,19 @@ with lib;
};
database.passwordFile = "/keycloakbd";
};
nginx.virtualHosts.${dn} = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
};
};
};

1
system/shen/configuration.nix
View file

@ -131,6 +131,7 @@ in
recommendedProxySettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts."tfcconnection.org" = {
forceSSL = true;
enableACME = true;