-rw-r--r--nix/hosts/corrino/www/sso.emile.space.nix74
1 files changed, 38 insertions, 36 deletions
diff --git a/nix/hosts/corrino/www/sso.emile.space.nix b/nix/hosts/corrino/www/sso.emile.space.nix
index 3a742c5..fa83fb8 100644
--- a/nix/hosts/corrino/www/sso.emile.space.nix
+++ b/nix/hosts/corrino/www/sso.emile.space.nix
@@ -1,7 +1,8 @@
 { config, pkgs, ... }:
 
 let
-  authelia_port = config.services.authelia.instances.main.settings.server.port;
+  # authelia_port = config.services.authelia.instances.main.settings.server.port;
+  authelia_port = config.emile.ports.authelia;
 in
 {
 
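Review bot: The previous binding is left in the `let` block as a commented-out line, which is dead code now that version control holds the old definition. Either delete it or replace it with a comment that records the intent, for example `# single source of truth for the port: nginx proxyPass and Authelia's listener both read config.emile.ports.authelia`. That intent is visible in this diff, since `proxyPass` in the second hunk uses `authelia_port` and `server.port` in the third hunk reads the same option. The attribute set opened after `in` continues outside this hunk.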
@@ -14,41 +15,41 @@ in
         proxyPass = "http://127.0.0.1:${toString authelia_port}";
 
         extraConfig = ''
-          	## Headers
-          	proxy_set_header Host $host;
-          	proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
-          	proxy_set_header X-Forwarded-Proto $scheme;
-          	proxy_set_header X-Forwarded-Host $http_host;
-          	proxy_set_header X-Forwarded-URI $request_uri;
-          	proxy_set_header X-Forwarded-Ssl on;
-          	proxy_set_header X-Forwarded-For $remote_addr;
-          	proxy_set_header X-Real-IP $remote_addr;
-
-          	## Basic Proxy Configuration
-          	client_body_buffer_size 128k;
-          	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; ## Timeout if the real server is dead.
-          	proxy_redirect  http://  $scheme://;
-          	proxy_http_version 1.1;
-          	proxy_cache_bypass $cookie_session;
-          	proxy_no_cache $cookie_session;
-          	proxy_buffers 64 256k;
-
-          	## Trusted Proxies Configuration
-          	## Please read the following documentation before configuring this:
-          	##     https://www.authelia.com/integration/proxies/nginx/#trusted-proxies
-          	# set_real_ip_from 10.0.0.0/8;
-          	# set_real_ip_from 172.16.0.0/12;
-          	# set_real_ip_from 192.168.0.0/16;
-          	# set_real_ip_from fc00::/7;
-          	set_real_ip_from 127.0.0.1/32;
-          	real_ip_header X-Forwarded-For;
-          	real_ip_recursive on;
-
-          	## Advanced Proxy Configuration
-          	send_timeout 5m;
-          	proxy_read_timeout 360;
-          	proxy_send_timeout 360;
-          	proxy_connect_timeout 360;
+          ## Headers
+          proxy_set_header Host $host;
+          proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
+          proxy_set_header X-Forwarded-Proto $scheme;
+          proxy_set_header X-Forwarded-Host $http_host;
+          proxy_set_header X-Forwarded-URI $request_uri;
+          proxy_set_header X-Forwarded-Ssl on;
+          proxy_set_header X-Forwarded-For $remote_addr;
+          proxy_set_header X-Real-IP $remote_addr;
+
+          ## Basic Proxy Configuration
+          client_body_buffer_size 128k;
+          proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; ## Timeout if the real server is dead.
+          proxy_redirect  http://  $scheme://;
+          proxy_http_version 1.1;
+          proxy_cache_bypass $cookie_session;
+          proxy_no_cache $cookie_session;
+          proxy_buffers 64 256k;
+
+          ## Trusted Proxies Configuration
+          ## Please read the following documentation before configuring this:
+          ##     https://www.authelia.com/integration/proxies/nginx/#trusted-proxies
+          # set_real_ip_from 10.0.0.0/8;
+          # set_real_ip_from 172.16.0.0/12;
+          # set_real_ip_from 192.168.0.0/16;
+          # set_real_ip_from fc00::/7;
+          set_real_ip_from 127.0.0.1/32;
+          real_ip_header X-Forwarded-For;
+          real_ip_recursive on;
+
+          ## Advanced Proxy Configuration
+          send_timeout 5m;
+          proxy_read_timeout 360;
+          proxy_send_timeout 360;
+          proxy_connect_timeout 360;
         '';
       };
 
@@ -104,6 +105,7 @@ in
         theme = "dark";
 
         server = {
+          # address = "127.0.0.1:${toString config.emile.ports.authelia}";
           host = "127.0.0.1";
           port = config.emile.ports.authelia;
         };
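Review bot: The commented-out `address` line added inside `server` does not say why it is there or when it should replace `host`/`port`, so a later reader cannot tell whether it is a planned migration or a leftover experiment. A short marker would help, for example `# TODO: move to server.address when host/port are dropped; keep it bound to 127.0.0.1 so Authelia is only reachable through nginx`. Authelia's documentation, as far as I recall, writes this value with a scheme prefix such as `tcp://`, so the line may need one before it is uncommented; this is worth confirming against the version in use. The enclosing settings block starts outside this hunk.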