sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: remove oauth2 from influx and only allow internal peers

Browse source
This commit is contained in:
oddlama 2024-05-15 23:48:29 +02:00
parent 10abb7b03b
commit 5c354c8ec8
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 0 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/sire/guests/influxdb.nix
View file

@ -27,15 +27,12 @@ in {
}; };
virtualHosts.${influxdbDomain} = let virtualHosts.${influxdbDomain} = let
accessRules = '' accessRules = ''
satisfy any;
${lib.concatMapStrings (ip: "allow ${ip};\n") sentinelCfg.wireguard.proxy-sentinel.server.reservedAddresses} ${lib.concatMapStrings (ip: "allow ${ip};\n") sentinelCfg.wireguard.proxy-sentinel.server.reservedAddresses}
deny all; deny all;
''; '';
in { in {
forceSSL = true; forceSSL = true;
useACMEWildcardHost = true; useACMEWildcardHost = true;
oauth2.enable = true;
oauth2.allowedGroups = ["access_influxdb"];
locations."/" = { locations."/" = {
proxyPass = "http://influxdb"; proxyPass = "http://influxdb";
proxyWebsockets = true; proxyWebsockets = true;