From 9d795ae38e0eb589bf9e5f3ed6daff9fc98e15c2 Mon Sep 17 00:00:00 2001 From: Kabbone Date: Fri, 31 May 2024 20:56:09 +0200 Subject: [PATCH] hosts: dmz: nix-serve: add reverse proxy --- modules/services/dmz/hydra.nix | 17 +++++++++++++---- secrets/services/acme/opel-online.age | Bin 1494 -> 1494 bytes 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/modules/services/dmz/hydra.nix b/modules/services/dmz/hydra.nix index bf4cae6..de247b4 100644 --- a/modules/services/dmz/hydra.nix +++ b/modules/services/dmz/hydra.nix @@ -37,10 +37,19 @@ acceptTerms = true; defaults = { email = "webmaster@kabtop.de"; - #defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory"; - dnsProvider = "netcup"; - environmentFile = config.age.secrets."services/acme/opel-online".path; - webroot = null; + #server = "https://acme-staging-v02.api.letsencrypt.org/directory"; + }; + certs = { + "hydra.home.opel-online.de" = { + dnsProvider = "netcup"; + environmentFile = config.age.secrets."services/acme/opel-online".path; + webroot = null; + }; + "cache.home.opel-online.de" = { + dnsProvider = "netcup"; + environmentFile = config.age.secrets."services/acme/opel-online".path; + webroot = null; + }; }; }; diff --git a/secrets/services/acme/opel-online.age b/secrets/services/acme/opel-online.age index df82302fd7fbef0afa7c669d5ca4e4d1c372344f..3ec1a010ebd8ac297e4b76f0ac6481305ac383cb 100644 GIT binary patch literal 1494 zcmZ9~+3(wg0l;x_hzBE(iq>&X3Y*v%>5tfs&w|F{__pK3PJATl15O+tapEIBVq1IY zhIm+|!d}*CLt`ydVO&LG2LgeRxQc`(RzRFW9MWDG)6`K^n0Od_*u(Z0e7+A~+gt7} zqs6vP@*s|Gj<;T?gn+#tw6e_KTRJd`LS)NIuwJ3IAYCLum!jNw5X$^4$KwQn=W~MO zjLM#5W_Rd~(|Q=Py9GdNf;X+B%rCYnsm1oJ~D{Bl0?$6>k!lR|JM}7 zsy(%}8`BYOA{?AC4n9iTCF}Yg71vEtFX>*hS=cEjFh+zJ2*73)&yOr*L~|>o2Dcy- zi;IpU>s7!^=S5^Nkf*Lvvn_i6)wY@4GV&FdsK6BJ8_{}$gcc~ucI_}sByEpE@j(FWjm2MsphODGJ|X@Gh){& zIC1Dxl(Tg7HHc$9xWUO-!nBGcB6-l{qz{DaO=q|1GKxHQZK^SCF=x<4Q){+GK?_Gt zeL@;&B)k}>ft9;n(3jfg3alDg(4>XW0~*aID8XVW zAxBY4s5(nPjOnW|MYlUE-SpRrx9kI6It!q}(0ByjLZ*}|OaqR=Sn0VU-EMpVSwXNc z9!-z;G94yWUQfJGjIV(kVnJjp4 zHQ(6DXv9{f=_+B=6~s+PD0Dz#L!p_t36#sa!?1Bhcq*xWYBsDQj0t(cgzCyE@L8}^2>l$s3b-JwtSzKlAa#^kmhwsfLK~X`s!&oD4ftzcj z6KBBQ-d<~BcXe`_1%#)qrFAm2#n1(VhFEzcNYK%w-z&I8N!o!F1K@MN|0!ypx$(lg zic5)OFV6Asj*GrHaO=tMo&WBE8_$39$>RtA^ykwLK7#%056@kB?R%dSSKfd5z5T!3 z{n2IRE3-$Rx%r8EKKt35^~sy|Z4R49_n*Yy2@YQMVR`TE#~zrT`tjLcKYHfX$A2Q6 zJG-pFPxc=@`q-Oyzy8qMBl^Q%?tA0t32@XkB_dDV#*9wKkEPQUi-S64&d-p4*wz52o5{{G4FOO6n4 z-F4^l*weRu`SLZ^Gq>FSt?0<*KRj}X|Li-5pi8d#xcx`ui^onJxyL{B!NbqLfBK_0 uvg_kV2IpUT@4EWq>-~L)o}ylS`r`dRH_zU1#fb;L@rwsrzrC$Ib?)DomC~%>%ebq23oeMG^Kq7b6IC&@nTTsg%wh!K;=_X&64A$S^(yizFQLq9BDV#%B|FI2sWQW)*Tj#e~H?Od$bXQC6P~^nJh2 z8p%3jJ!ixoVxUiqM1y1Lowt>u8iUc@f3>`@J4PAtnF8s+$#ITkC&qT~Vp&>+>j+S; zx*6aYP3uh=IB<|+jJ1}Lr6_a_KoIT97AGSa&EkFl?d^GB#(|iw7bG7$8*3{U)0##E zc^V8h>zttu$MUqh$chH7Scw$=-RADQ^weZy3L8X_(ujIFhIN9cc!uWtCvZC2un{P& zw(Es9iB_u?Rne^5FMThnanno8fRWz8mIlyz=%^_yIAT5Rhm5Z2g7Ws=nAcOft@|!3mbw9JU zab_=rNZHsT+wCr6VngtI5Y%jgY%Sk_P{}Q%79gbG!~nJhH! z(((mevqcIQw+2bXKDm+;o}59n)0pjKR$(|Mwx-`s)G^FE)Ai2k3p2opCa%uA+X3#_ zs!*@?buAd_e8OWzi=-Y<0OY!+RJL(qU@AQh<5j(3L~dmt9!!alvyHUw0|!P>!I2Ve zM;?S~zRZi2*iyVVrRSai#Z9P`DT8b#f<4F^tz-sT$Z36XAx{@p9$5=pJ{$#E< z*}Cp!7(sS|T&0Lzhsk_)HuRRhWF~UeZ%Dhy!)eIo7R=emC^mAU+PH%Zl}A%Zu!gHC z<|+L)n=iJ4)t^bjxlr)>XiOmWa;hom7r3T4%47~9WN{=v?CqxYStcV zBqeBTgf#_3Akke&Qsg+mQpbh5iL$|!pj81Xcz z=^bbP{Lru8{<-xm`tG$~P@lchyYBLpSLrkHn`i$dfB3-3_a8ZN^wh^+={|Sg-9Nc9 z13&x2{Z?6+CPk!U|Cxg3Azjyi8-T9Y(xYDm1-f;Xg_$l}or@np1{`K#X_rAd0Ilge@OCLNl z{73c8=RYQ#zWb^-UQph;{-tZ^d(PV@zk8Yb<&SgxZ~we2e{ufW_b)wq@8`|;z)iQj pfAI$P^bao9@22SZoyRUw7rL)rtJ%BTd$)b^#HSv-eCzCb^