diff --git a/instances/baldur/configuration.nix b/instances/baldur/configuration.nix index f85bb97..0673049 100644 --- a/instances/baldur/configuration.nix +++ b/instances/baldur/configuration.nix @@ -68,12 +68,12 @@ ssl = { enableACME = true; forceSSL = true; }; in { - "unimi.bertof.net" = ssl // { + "me.bertof.net" = ssl // { locations."/".extraConfig = "rewrite ^/(.*)$ https://homes.di.unimi.it/berto/$1 redirect ;"; }; "home-assistant.bertof.net" = ssl // { - locations."/" = { proxyPass = "http://loki.zto:8123/"; proxyWebsockets = true; }; + locations."/" = { proxyPass = "http://loki.tsn:8123/"; proxyWebsockets = true; }; extraConfig = '' proxy_pass_header Authorization; proxy_buffering off; diff --git a/instances/loki/configuration.nix b/instances/loki/configuration.nix index 00042a6..502fb9e 100644 --- a/instances/loki/configuration.nix +++ b/instances/loki/configuration.nix @@ -280,7 +280,12 @@ in http = { use_x_forwarded_for = true; - trusted_proxies = [ hosts.zerotier.ipv4."baldur.zto" "::1" "127.0.0.1" ]; + trusted_proxies = [ + hosts.zerotier.ipv4."baldur.zto" + hosts.tailscale.ipv4."baldur.tsn" + "::1" + "127.0.0.1" + ]; }; automation = "!include automations.yaml"; diff --git a/modules/nixos/nextcloud.nix b/modules/nixos/nextcloud.nix index e202e88..53a2ddf 100644 --- a/modules/nixos/nextcloud.nix +++ b/modules/nixos/nextcloud.nix @@ -39,7 +39,14 @@ in ]; config = { - trustedProxies = [ hosts.zerotier.ipv4."baldur.zto" hosts.zerotier.ipv6."baldur.zto" "baldur.zto" ]; + trustedProxies = [ + hosts.zerotier.ipv4."baldur.zto" + hosts.zerotier.ipv6."baldur.zto" + hosts.tailscale.ipv4."baldur.tsn" + hosts.tailscale.ipv6."baldur.tsn" + "baldur.zto" + "baldur.tsn" + ]; extraTrustedDomains = [ config.services.nextcloud.hostName "freya.zto" ]; adminpassFile = config.age.secrets.nextcloud_admin_secret.path; overwriteProtocol = "https";