phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 05:36:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add chisel

Browse source
This commit is contained in:
Paul-Henri Froidmont 2025-08-28 23:47:37 +02:00
parent c06ba9ab5d
commit 051baa2900
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
4 changed files with 38 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

24
profiles/hel.nix
View file

@ -42,6 +42,9 @@
nixCacheKey = {
key = "nix/cache_secret_key";
};
chiselAuthFile = {
key = "chisel/auth.json";
};
};
time.timeZone = "Europe/Amsterdam";
@ -517,4 +520,25 @@
path = "/nix/var/data/epicerie_du_cellier_backup";
};
};
services.chisel-server = {
enable = true;
reverse = true;
socks5 = true;
port = 34220;
host = "127.0.0.1";
authfile = "/run/credentials/chisel-server.service/authfile";
};
systemd.services.chisel-server.serviceConfig.LoadCredential =
"authfile:${config.sops.secrets.chiselAuthFile.path}";
services.nginx.virtualHosts."ch.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.chisel-server.port}";
proxyWebsockets = true;
};
};
}