From f9759de8cc2b189e8b0464778245df5c20d79e43 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Thu, 23 Jun 2022 17:48:48 -0700 Subject: fix(modules/transmission): configure nginx to bind on tailscale IP Only serve a response if the request is coming from tailscale. To ensure this is the case, let's configure nginx to only listen on the tailscale IP of the host for that server. Note: the IP is currently hard coded, there has to be a better way. Change-Id: I21b6db5e94070024c1ff8d6cea852aafd6952b55 Reviewed-on: https://cl.fcuny.net/c/world/+/483 Tested-by: CI Reviewed-by: Franck Cuny --- modules/services/transmission/default.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/modules/services/transmission/default.nix b/modules/services/transmission/default.nix index c44034b..824f7a5 100644 --- a/modules/services/transmission/default.nix +++ b/modules/services/transmission/default.nix @@ -36,6 +36,18 @@ in services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; useACMEHost = cfg.vhostName; + listen = [ + { + addr = "100.85.232.66"; + port = 443; + ssl = true; + } + { + addr = "100.85.232.66"; + port = 80; + ssl = false; + } + ]; locations."/" = { proxyPass = "http://127.0.0.1:9091"; proxyWebsockets = true; -- cgit 1.4.1