Remilia: added a reverse proxy for Gitea SSH

2022-01-15 05:31:07 +05:30
parent c9e1f60665
commit 3692fea7f1
4 changed files with 64 additions and 52 deletions
--- a/hosts/remilia/networking.nix
+++ b/hosts/remilia/networking.nix
@@ -11,6 +11,7 @@
            80 81
            443 444
            993 465 143 25 
+            22001
          ];
          allowedUDPPorts = [ 17840 ];
        };
--- a/hosts/remilia/services.nix
+++ b/hosts/remilia/services.nix
@@ -1,13 +1,14 @@
 {config, pkgs, ...}:
 {
  services = {
-    openssh = { enable = true;
+    openssh = {
+      enable = true;
      permitRootLogin = "yes";
    };
    nginx = {
      enable = true;
      package = (pkgs.nginx.overrideAttrs(oa: {
-        configureFlags = oa.configureFlags ++ [ "--with-mail" "--with-mail_ssl_module" ];
+        configureFlags = oa.configureFlags ++ [ "--with-mail" "--with-mail_ssl_module" "--with-stream" ];
      }));
      virtualHosts = {
        "weirdnatto.in" = {
@@ -27,6 +28,16 @@
          };
        };
      };
+      streamConfig = ''
+      upstream gitea {
+        server 10.55.0.2:22;
+      }
+
+      server {
+        listen 22001;
+        proxy_pass gitea;
+      }
+      '';
    };
    vault-agent = {
      enable = true;