sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: remove oauth2 from influx and only allow internal peers

Browse source
This commit is contained in:
oddlama 2024-05-15 23:48:29 +02:00
parent 10abb7b03b
commit 5c354c8ec8
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 0 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/sire/guests/influxdb.nix
View file

@ -27,15 +27,12 @@ in {
};
virtualHosts.${influxdbDomain} = let
accessRules = ''
satisfy any;
${lib.concatMapStrings (ip: "allow ${ip};\n") sentinelCfg.wireguard.proxy-sentinel.server.reservedAddresses}
deny all;
'';
in {
forceSSL = true;
useACMEWildcardHost = true;
oauth2.enable = true;
oauth2.allowedGroups = ["access_influxdb"];
locations."/" = {
proxyPass = "http://influxdb";
proxyWebsockets = true;