1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00

fix: fix routes to home assistant

This commit is contained in:
oddlama 2024-05-23 02:10:45 +02:00
parent 6c731eede4
commit b36e7e8202
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
4 changed files with 11 additions and 32 deletions

View file

@ -1,11 +1,12 @@
{
lib,
config,
nodes,
...
}: let
homeDomain = "home.${config.repo.secrets.global.domains.me}";
in {
wireguard.proxy-home.firewallRuleForNode.ward.allowedTCPPorts = [
wireguard.proxy-home.firewallRuleForNode.ward-web-proxy.allowedTCPPorts = [
config.services.home-assistant.config.http.server_port
];
@ -37,7 +38,7 @@ in {
server_host = ["0.0.0.0"];
server_port = 8123;
use_x_forwarded_for = true;
trusted_proxies = ["127.0.0.1"];
trusted_proxies = [nodes.ward-web-proxy.config.wireguard.proxy-home.ipv4];
};
homeassistant = {
@ -82,7 +83,11 @@ in {
#themes = "!include_dir_merge_named themes";
};
};
extraPackages = python3Packages: with python3Packages; [psycopg2];
extraPackages = python3Packages:
with python3Packages; [
psycopg2
gtts
];
};
age.secrets."home-assistant-secrets.yaml" = {
@ -97,16 +102,7 @@ in {
'';
};
services.nginx = {
upstreams.homeassistant = {
extraConfig = ''
zone homeassistant 64k;
keepalive 2;
'';
};
};
nodes.ward = {
nodes.ward-web-proxy = {
services.nginx = {
upstreams."home-assistant" = {
servers."${config.wireguard.proxy-home.ipv4}:${toString config.services.home-assistant.config.http.server_port}" = {};
@ -117,7 +113,7 @@ in {
};
virtualHosts.${homeDomain} = {
forceSSL = true;
enableACME = true;
useACMEWildcardHost = true;
locations."/" = {
proxyPass = "http://home-assistant";
proxyWebsockets = true;