mirror of
https://github.com/oddlama/nix-config.git
synced 2025-10-10 14:50:40 +02:00
fix: allow api server in firewall and add CORS header
This commit is contained in:
parent
4c2f98f9e4
commit
e24f9e4c0b
5 changed files with 43 additions and 0 deletions
|
@ -80,6 +80,7 @@ in
|
|||
client.via = "sentinel";
|
||||
firewallRuleForNode.sentinel.allowedTCPPorts = [
|
||||
80
|
||||
8080
|
||||
9000
|
||||
];
|
||||
};
|
||||
|
@ -88,6 +89,7 @@ in
|
|||
client.via = "ward";
|
||||
firewallRuleForNode.ward-web-proxy.allowedTCPPorts = [
|
||||
80
|
||||
8080
|
||||
9000
|
||||
];
|
||||
};
|
||||
|
@ -173,6 +175,11 @@ in
|
|||
mode = "440";
|
||||
group = "ente";
|
||||
};
|
||||
age.secrets.ente-smtp-password = {
|
||||
generator.script = "alnum";
|
||||
mode = "440";
|
||||
group = "ente";
|
||||
};
|
||||
|
||||
services.minio = {
|
||||
enable = true;
|
||||
|
@ -206,6 +213,15 @@ in
|
|||
rporigins = [ "https://${enteAccountsDomain}" ];
|
||||
};
|
||||
|
||||
# FIXME: blocked on https://github.com/ente-io/ente/issues/5958
|
||||
# smtp = {
|
||||
# host = config.repo.secrets.local.ente.mail.host;
|
||||
# port = 465;
|
||||
# email = config.repo.secrets.local.ente.mail.from;
|
||||
# username = config.repo.secrets.local.ente.mail.user;
|
||||
# password._secret = config.age.secrets.ente-smtp-password.path;
|
||||
# };
|
||||
|
||||
s3 = {
|
||||
use_path_style_urls = true;
|
||||
b2-eu-cen = {
|
||||
|
|
BIN
hosts/sire/secrets/ente/local.nix.age
Normal file
BIN
hosts/sire/secrets/ente/local.nix.age
Normal file
Binary file not shown.
|
@ -319,6 +319,9 @@ in
|
|||
locations."/" = {
|
||||
root = webPackage "accounts";
|
||||
tryFiles = "$uri $uri.html /index.html";
|
||||
extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin 'https://${cfgWeb.domains.api}';
|
||||
'';
|
||||
};
|
||||
};
|
||||
virtualHosts.${domainFor "cast"} = {
|
||||
|
@ -326,6 +329,9 @@ in
|
|||
locations."/" = {
|
||||
root = webPackage "cast";
|
||||
tryFiles = "$uri $uri.html /index.html";
|
||||
extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin 'https://${cfgWeb.domains.api}';
|
||||
'';
|
||||
};
|
||||
};
|
||||
virtualHosts.${domainFor "photos"} = {
|
||||
|
@ -336,6 +342,9 @@ in
|
|||
locations."/" = {
|
||||
root = webPackage "photos";
|
||||
tryFiles = "$uri $uri.html /index.html";
|
||||
extraConfig = ''
|
||||
add_header Access-Control-Allow-Origin 'https://${cfgWeb.domains.api}';
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
10
secrets/generated/sire-ente/ente-smtp-password.age
Normal file
10
secrets/generated/sire-ente/ente-smtp-password.age
Normal file
|
@ -0,0 +1,10 @@
|
|||
age-encryption.org/v1
|
||||
-> X25519 uzx96W3LGgLuzEzAtwPjH+NX2vcv8ubqqX7YZiwQFgk
|
||||
KlBmy7H6aMxmwulZOlTKZstIksYCO3ZmA5FRqPNRVdw
|
||||
-> piv-p256 xqSe8Q A5M4BXtJeBxuptSTUikB5VMJKqOezt0LUujl++SkBK++
|
||||
J7Qv3r/5PbZtDE3bSDDSrH1hCZAhIfvYYQASnftZiBw
|
||||
-> ]#ef9-grease uUT
|
||||
vopjT0SJXs4y/e11dxHdH6Jm4H7fPraQnQ
|
||||
--- 8eRnzo0sQwqYPdMvoIe+yh7Z0XNz04qqmVDBiOiPuOI
|
||||
0ÅŠÍ}*&¹ªn4¯X’–м{fˆÖ6Æ,!sݬ™Àòc´3
|
||||
7új\â$…m[7“ˆªµ£Ÿ0:’êš¼˜3+H�ƒf%òQ�SÏ–¡
|
|
@ -0,0 +1,8 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 JgWCuA q5Wp7aYyyaEavf6STF9SvQgmzdYXgTyGxGfmw3oSZiQ
|
||||
NkBSO5mKfWLe191MADiA1/8UCEWYg1Wf19tDQzRKcuY
|
||||
-> Tmk{-grease 8].Slcf
|
||||
o7SZB2XURbUUce7EuhTa1K0fd40MXUyuDEu52sxbAO5w8f/o7NKhH0E6gxAomVFI
|
||||
3+u4q5rBb2CgqJ7Ggu0BZF5pmVjYUZc8K6c4OzK2w5YwiZzmnw
|
||||
--- CToVXazvableiflSVSRk1gN7L7+//TKkELjn7mJr3qw
|
||||
–aPÆo‡Ö§çªI�c 6A¢ÇwÙÍ•üàR"ûÄY}E>()iD¸ÐØêÿL<„Jå*Ϊd�§kìh#3ÙýUšìбqÙ �+
|
Loading…
Add table
Add a link
Reference in a new issue