fruchti/hosts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
hosts/hosts/tls_sni.nix

59 lines
1.3 KiB
Nix
Raw Blame History

{ ... }:
{
services.nginx = {
streamConfig = ''
map $ssl_preread_server_name $target_backend {
md.gvfr.de rupert;
rupert.gvfr.de rupert;
default localserv;
}
upstream rupert {
server rupert.gvfr.de:4431;
}
upstream localserv {
server localhost:4431;
}
server {
listen 443;
ssl_preread on;
# proxy_connect_timeout 1s;
# proxy_timeout 3s;
# resolver 1.1.1.1;
proxy_pass $target_backend;
proxy_next_upstream off;
proxy_protocol on;
}
'';
defaultListen = [
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
{
addr = "[::0]";
port = 80;
ssl = false;
}
{
addr = "0.0.0.0";
port = 4431;
ssl = true;
proxyProtocol = true;
}
{
addr = "[::0]";
port = 4431;
ssl = true;
proxyProtocol = true;
}
];
};
}
Reference in a new issue View git blame Copy permalink