force ssl for home assistant only if ssl is enabled
This commit is contained in:
parent
39c2c943a1
commit
8d08c5b7c0
3 changed files with 9 additions and 9 deletions
|
@ -144,10 +144,10 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."${fqdn}" = {
|
services.nginx.virtualHosts."${fqdn}" = {
|
||||||
forceSSL = true;
|
forceSSL = lib.mkIf config.shb.ssl.enable true;
|
||||||
http2 = true;
|
http2 = true;
|
||||||
sslCertificate = "/var/lib/acme/${cfg.domain}/cert.pem";
|
sslCertificate = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${cfg.domain}/cert.pem";
|
||||||
sslCertificateKey = "/var/lib/acme/${cfg.domain}/key.pem";
|
sslCertificateKey = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${cfg.domain}/key.pem";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -73,9 +73,9 @@ in
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
virtualHosts.${fqdn} = {
|
virtualHosts.${fqdn} = {
|
||||||
forceSSL = true;
|
forceSSL = lib.mkIf config.shb.ssl.enable true;
|
||||||
sslCertificate = "/var/lib/acme/${cfg.domain}/cert.pem";
|
sslCertificate = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${cfg.domain}/cert.pem";
|
||||||
sslCertificateKey = "/var/lib/acme/${cfg.domain}/key.pem";
|
sslCertificateKey = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${cfg.domain}/key.pem";
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
|
|
|
@ -99,9 +99,9 @@ in
|
||||||
let
|
let
|
||||||
vhostCfg = c: {
|
vhostCfg = c: {
|
||||||
${fqdn c} = {
|
${fqdn c} = {
|
||||||
forceSSL = true;
|
forceSSL = lib.mkIf config.shb.ssl.enable true;
|
||||||
sslCertificate = "/var/lib/acme/${c.domain}/cert.pem";
|
sslCertificate = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${c.domain}/cert.pem";
|
||||||
sslCertificateKey = "/var/lib/acme/${c.domain}/key.pem";
|
sslCertificateKey = lib.mkIf config.shb.ssl.enable "/var/lib/acme/${c.domain}/key.pem";
|
||||||
|
|
||||||
# Taken from https://github.com/authelia/authelia/issues/178
|
# Taken from https://github.com/authelia/authelia/issues/178
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
|
|
Loading…
Reference in a new issue