fixes for pc2, misc changes

2024-10-26 16:43:08 +02:00 · 2024-10-26 16:43:08 +02:00 · 074ea3bd3b
commit 074ea3bd3b
parent f41cd58e54
6 changed files with 33 additions and 39 deletions
--- a/hosts/hetzner-vpn1/environment.nix
+++ b/hosts/hetzner-vpn1/environment.nix
@ -2,27 +2,7 @@
  pkgs,
  lib,
  ...
-}: let
-  servicesDomain = "services.zerforschen.plus";
-  mkServiceConfig = host: port: {
-    addSSL = true;
-    enableACME = true;
-    locations."/" = {
-      proxyPass = "http://${host}:${toString port}/";
-      extraConfig = ''
-        # bind to tailscale ip
-        proxy_bind 100.88.118.60;
-        # pam auth
-        limit_except OPTIONS {
-          auth_pam  "Password Required";
-          auth_pam_service_name "nginx";
-        }
-      '';
-    };
-  };
-  lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net";
-  pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net";
-in {
+}: {
  imports = [
    ../../users/vinzenz.nix
    ../../users/ronja.nix
@ -66,7 +46,27 @@ in {
      recommendedGzipSettings = true;
      recommendedOptimisation = true;

-      virtualHosts = {
+      virtualHosts = let
+        servicesDomain = "services.zerforschen.plus";
+        mkServiceConfig = host: port: {
+          addSSL = true;
+          enableACME = true;
+          locations."/" = {
+            proxyPass = "http://${host}:${toString port}/";
+            extraConfig = ''
+              # bind to tailscale ip
+              proxy_bind 100.88.118.60;
+              # pam auth
+              limit_except OPTIONS {
+                auth_pam  "Password Required";
+                auth_pam_service_name "nginx";
+              }
+            '';
+          };
+        };
+        lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net";
+        pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net";
+      in {
        "vscode.${servicesDomain}" = lib.mkMerge [
          (mkServiceConfig pc2 8542)
          {locations."/" .proxyWebsockets = true;}