TFC/tfc-nixos
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

grrrrrrr

Browse source
This commit is contained in:
Chris Cochrun 2025-05-17 23:12:32 -05:00
parent 0eb8c89d56
commit f66458041d
2 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
modules/keycloak.nix
View file

@ -12,7 +12,7 @@ with lib;
settings = { settings = {
hostname = dn; hostname = dn;
http-port = 8787; http-port = 8787;
https-port = 8788; # https-port = 8788;
http-enabled = true; http-enabled = true;
hostname-strict-https = false; hostname-strict-https = false;
proxy-headers = "forwarded"; proxy-headers = "forwarded";
@ -20,12 +20,19 @@ with lib;
}; };
database.passwordFile = "/keycloakbd"; database.passwordFile = "/keycloakbd";
}; };
nginx.virtualHosts.${dn} = { nginx.virtualHosts.${dn} = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations = { locations = {
"/" = { "/" = {
proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}"; proxyPass = "http://localhost:${toString config.services.keycloak.settings.http-port}";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
}; };
}; };
}; };

1
system/shen/configuration.nix
View file

@ -131,6 +131,7 @@ in
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedOptimisation = true; recommendedOptimisation = true;
virtualHosts."tfcconnection.org" = { virtualHosts."tfcconnection.org" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;