unifi: use nginx for reverse proxy

author: Franck Cuny <franck@fcuny.net> 2022-04-13 13:50:26 -0700
committer: Franck Cuny <franck@fcuny.net> 2022-04-13 13:50:26 -0700
commit: bc02ce251e27cd96fc9315fa50d5ff806e1cd699 (patch)
tree: 619be1b0463a30b66e88601542b33a821d18b707 /modules/services/unifi/default.nix
parent: transmission: use nginx for reverse proxy (diff)
download: world-bc02ce251e27cd96fc9315fa50d5ff806e1cd699.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/modules/services/unifi/default.nix b/modules/services/unifi/default.nix
index ee5ec6d..137e8ed 100644
--- a/modules/services/unifi/default.nix
+++ b/modules/services/unifi/default.nix
@@ -63,6 +63,20 @@ in {
       };
     };
 
+    services.nginx.virtualHosts."unifi.fcuny.xyz" = {
+      forceSSL = true;
+      useACMEHost = "unifi.fcuny.xyz";
+      locations."/" = {
+        proxyPass = "http://127.0.0.1:8443";
+        proxyWebsockets = true;
+      };
+    };
+
+    security.acme.certs."unifi.fcuny.xyz" = {
+      dnsProvider = "gcloud";
+      credentialsFile = secrets."acme/credentials".path;
+    };
+
     my.services.backup = { paths = [ "/var/lib/unifi" ]; };
   };
 }
author	Franck Cuny <franck@fcuny.net>	2022-04-13 13:50:26 -0700
committer	Franck Cuny <franck@fcuny.net>	2022-04-13 13:50:26 -0700
commit	bc02ce251e27cd96fc9315fa50d5ff806e1cd699 (patch)
tree	619be1b0463a30b66e88601542b33a821d18b707 /modules/services/unifi/default.nix
parent	transmission: use nginx for reverse proxy (diff)
download	world-bc02ce251e27cd96fc9315fa50d5ff806e1cd699.tar.gz