sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

fix stuff

Browse Source
This commit is contained in:
soraefir
2026-06-07 18:03:02 +02:00
parent 9cf7da5a73
commit 844199aed1
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/server/containers/apps/nextcloud.nix
View File

@@ -50,12 +50,10 @@ in {
NEXTCLOUD_DATA_DIR = "/var/www/html/data"; NEXTCLOUD_DATA_DIR = "/var/www/html/data";
}; };
extraLabels = { extraLabels = {
"traefik.http.routers.${containerCfg.subdomain}.middlewares" = "sts_headers,${containerCfg.subdomain}-caldav"; "traefik.http.routers.${containerCfg.subdomain}.middlewares" = "hsts-headers@docker,${containerCfg.subdomain}-caldav";
"traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.permanent" = "true"; "traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.permanent" = "true";
"traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.regex" = "https://(.*)/.well-known/(?:card|cal)dav"; "traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.regex" = "https://(.*)/.well-known/(?:card|cal)dav";
"traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.replacement" = "https://$1/remote.php/dav"; "traefik.http.middlewares.${containerCfg.subdomain}-caldav.redirectregex.replacement" = "https://$1/remote.php/dav";
"traefik.http.middlewares.sts_headers.headers.stsSeconds" = "15552000";
"traefik.http.middlewares.sts_headers.headers.stsIncludeSubdomains" = "true";
}; };
overrides = { overrides = {
ports = if containerCfg.port!=null then [ "${toString containerCfg.port}:80" ] else []; ports = if containerCfg.port!=null then [ "${toString containerCfg.port}:80" ] else [];

6
modules/server/containers/apps/traefik.nix
View File

@@ -30,6 +30,12 @@ in {
"traefik.http.routers.${containerCfg.subdomain}.priority" = "10"; "traefik.http.routers.${containerCfg.subdomain}.priority" = "10";
"traefik.http.routers.${containerCfg.subdomain}.service" = "api@internal"; "traefik.http.routers.${containerCfg.subdomain}.service" = "api@internal";
"traefik.http.middlewares.hsts-headers.headers.stsSeconds" = "15552000";
"traefik.http.middlewares.hsts-headers.headers.stsIncludeSubdomains" = "true";
"traefik.http.middlewares.hsts-headers.headers.stsPreload" = "true";
"traefik.http.middlewares.hsts-headers.headers.forceSTSHeader" = "true";
"traefik.http.routers.${containerCfg.subdomain}.middlewares" = if serverCfg.containers?authentik then "authentik" else ""; "traefik.http.routers.${containerCfg.subdomain}.middlewares" = if serverCfg.containers?authentik then "authentik" else "";
} // (if serverCfg.containers?authentik then { } // (if serverCfg.containers?authentik then {
"traefik.http.middlewares.authentik.forwardauth.maxResponseBodySize" = "10485760"; "traefik.http.middlewares.authentik.forwardauth.maxResponseBodySize" = "10485760";

2
modules/server/containers/default.nix
View File

@@ -14,7 +14,7 @@ let
lib.mapAttrs' (cName: cCfg: lib.nameValuePair "${appName}-${cName}" cCfg) app.runtime.containers lib.mapAttrs' (cName: cCfg: lib.nameValuePair "${appName}-${cName}" cCfg) app.runtime.containers
) loadedContainers; ) loadedContainers;
allPathConfigs = allPathConfigs =
(lib.mapAttrsToList (_: cfg: cfg) serverCfg.path) (lib.mapAttrsToList (_: cfg: cfg) (lib.filterAttrs (name: _: name != "config") serverCfg.path))
++ concatRuntimeLists "paths"; ++ concatRuntimeLists "paths";
allSetupConfigs = map (app: ({ name = app.name; envFile = ""; } // app.runtime.setup)) appsList; allSetupConfigs = map (app: ({ name = app.name; envFile = ""; } // app.runtime.setup)) appsList;
allCronsConfigs = concatRuntimeLists "cron"; allCronsConfigs = concatRuntimeLists "cron";