From 8da5f0b48ac5bd7fb9bc5302437b4c64186e4f3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 28 Oct 2023 21:34:45 +0200 Subject: [PATCH] fix: enable SSL for keycloak --- hosts/nachtigall/apps/keycloak.nix | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/hosts/nachtigall/apps/keycloak.nix b/hosts/nachtigall/apps/keycloak.nix index ec9d5073..a336274c 100644 --- a/hosts/nachtigall/apps/keycloak.nix +++ b/hosts/nachtigall/apps/keycloak.nix @@ -12,17 +12,22 @@ #owner = "keycloak"; }; - services.nginx.virtualHosts."auth.pub.solar".locations = { - "= /" = { - extraConfig = '' - return 302 /realms/pub.solar/account; - ''; - }; + services.nginx.virtualHosts."auth.pub.solar" = { + enableACME = true; + forceSSL = true; - "/" = { - extraConfig = '' - proxy_pass http://localhost:8080; - ''; + locations = { + "= /" = { + extraConfig = '' + return 302 /realms/pub.solar/account; + ''; + }; + + "/" = { + extraConfig = '' + proxy_pass http://localhost:8080; + ''; + }; }; };