diff options
Diffstat (limited to 'nix/hosts/corrino/www/md.emile.space.nix')
| -rw-r--r-- | nix/hosts/corrino/www/md.emile.space.nix | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/nix/hosts/corrino/www/md.emile.space.nix b/nix/hosts/corrino/www/md.emile.space.nix index 6088ea0..d94c06c 100644 --- a/nix/hosts/corrino/www/md.emile.space.nix +++ b/nix/hosts/corrino/www/md.emile.space.nix @@ -6,7 +6,7 @@ enableACME = true; locations = { "/" = { - proxyPass = "http://127.0.0.1:${toString config.services.hedgedoc.settings.port}"; + proxyPass = "http://[${config.services.hedgedoc.settings.host}]:${toString config.services.hedgedoc.settings.port}"; }; }; }; @@ -14,10 +14,10 @@ # auth via authelia services.authelia.instances.main.settings.identity_providers.oidc.clients = [ { - id = "HedgeDoc"; + client_id = "HedgeDoc"; # ; nix run nixpkgs#authelia -- crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986 - secret = "$pbkdf2-sha512$310000$l4Kyec7Q9oY2GAhWA/xMig$P/MYFmulfgsDNyyiclUzd6le0oSiOvqCIvl4op5DkXtVTxLWlMA3ZwhJ6Z7u.OfIREuEM2htH6asxWPhBhkpNQ"; + client_secret = "$pbkdf2-sha512$310000$l4Kyec7Q9oY2GAhWA/xMig$P/MYFmulfgsDNyyiclUzd6le0oSiOvqCIvl4op5DkXtVTxLWlMA3ZwhJ6Z7u.OfIREuEM2htH6asxWPhBhkpNQ"; public = false; authorization_policy = "two_factor"; redirect_uris = [ "https://md.emile.space/auth/oauth2/callback" ]; @@ -47,7 +47,7 @@ environmentFile = config.age.secrets.hedgedoc_environment_variables.path; settings = { - host = "127.0.0.1"; + host = "::1"; port = config.emile.ports.md; domain = "md.emile.space"; @@ -85,6 +85,20 @@ }; }; + services.restic.backups."hedgedoc" = { + repository = "/mnt/storagebox-bx11/hedgedoc"; + paths = [ "/var/lib/hedgedoc" ]; + timerConfig = null; + passwordFile = config.age.secrets.restic_password.path; + initialize = true; + pruneOpts = [ + "--keep-daily 7" + "--keep-weekly 5" + "--keep-monthly 12" + "--keep-yearly 75" + ]; + }; + # backups # services.restic.backups."hedgedoc" = { # user = "u331921"; |
