From 2567f8703cf2e925e0bb64f163a450214a483ec9 Mon Sep 17 00:00:00 2001 From: Tyler Starr Date: Sun, 3 Dec 2023 12:22:18 -0800 Subject: [PATCH] fix reverse proxy for HA --- provision/hosts/torus/configuration.nix | 3 --- .../hosts/torus/home-assistant/default.nix | 23 +++++++++++++++++++ 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/provision/hosts/torus/configuration.nix b/provision/hosts/torus/configuration.nix index 92ed040f..caefd0db 100644 --- a/provision/hosts/torus/configuration.nix +++ b/provision/hosts/torus/configuration.nix @@ -118,9 +118,6 @@ "rss.tstarr.us" = (SSL // { locations."/".proxyPass = "http://localhost:8087/"; }); - "home.tstarr.us" = (SSL // { - locations."/".proxyPass = "http://localhost:8123/"; - }); "media.tstarr.us" = (SSL // { locations."/".proxyPass = "http://localhost:8096/"; }); diff --git a/provision/hosts/torus/home-assistant/default.nix b/provision/hosts/torus/home-assistant/default.nix index 4319bfde..2e5b949c 100644 --- a/provision/hosts/torus/home-assistant/default.nix +++ b/provision/hosts/torus/home-assistant/default.nix @@ -20,7 +20,30 @@ # Includes dependencies for a basic setup # https://www.home-assistant.io/integrations/default_config/ default_config = {}; + http = { + use_x_forwarded_for = true; + trusted_proxies = [ + "127.0.0.1" + "::1" + ]; + }; }; }; + services.nginx.virtualHosts."home.tstarr.us" = { + forceSSL = true; + enableACME = true; + extraConfig = '' + proxy_buffering off; + ''; + locations."/".extraConfig = '' + proxy_pass http://localhost:8123; + proxy_set_header Host $host; + proxy_redirect http:// https://; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + ''; + }; }