genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-03-27 01:17:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make immich-kiosk available via https + basic auth

Browse source
This commit is contained in:
Gene Liverman 2025-01-10 13:34:13 -05:00
parent dd5d19f8ee
commit 839d0c386e
2 changed files with 23 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

19
modules/hosts/nixos/nixnuc/default.nix
View file

@ -343,6 +343,21 @@ in {
send_timeout 600s;
'';
};
"immich-kiosk.${home_domain}" = {
listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
enableACME = true;
acmeRoot = null;
forceSSL = true;
basicAuthFile = config.sops.secrets.immich_kiosk_basic_auth.path;
locations."/".proxyPass = "http://${backend_ip}:3001";
locations."/".proxyWebsockets = true;
extraConfig = ''
client_max_body_size 0;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
send_timeout 600s;
'';
};
"jellyfin.${home_domain}" = {
listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }];
enableACME = true;
@ -453,6 +468,10 @@ in {
age.keyFile = "${config.users.users.${username}.home}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
secrets = {
immich_kiosk_basic_auth = {
owner = config.users.users.nginx.name;
restartUnits = ["nginx.service"];
};
local_git_config = {
owner = "${username}";
path = "${config.users.users.${username}.home}/.gitconfig-local";