feat: firefly-iii test

2025-08-08 21:04:38 -05:00 · 2025-06-27 03:18:27 -05:00 · 2025-06-27 03:18:27 -05:00 · 195ed9eba6
commit 195ed9eba6
parent 0004183f51
1 changed files with 43 additions and 31 deletions
--- a/modules/nixos/services/firefly/default.nix
+++ b/modules/nixos/services/firefly/default.nix
@ -12,7 +12,7 @@ in
  services = {
    firefly-iii = {
      enable = true;
-      virtualHost = "localhost";
+      virtualHost = host;
      settings = {
        APP_KEY_FILE = config.sops.secrets."${service.name}-key".path;
        SITE_OWNER = email.address0;
@ -21,38 +21,49 @@ in
        DB_PASSWORD_FILE = config.sops.secrets."${service.name}-pass".path;
      };
    };
-    caddy = {
-      virtualHosts = {
-        "${host}" = {
-          extraConfig = ''
-            encode gzip
-
-            reverse_proxy localhost:8080 {
-                header_up Host {host}:{server_port}
-                header_up X-Real-IP {remote_host}
-                header_up X-Forwarded-For {remote_host}
-                header_up X-Forwarded-Proto https
-                header_up X-Forwarded-Host {host}
-                header_up X-Forwarded-Ssl on
-                header_up Connection ""
-
-                timeout 240s
-                dial_timeout 240s
-            }
-
-            @session_cookie header Cookie *session*
-            handle @session_cookie {
-                header Cache-Control "no-cache, no-store, must-revalidate"
-            }
-
-            request_body {
-                max_size 64MB
-            }
-            tls ${service.ssl.cert} ${service.ssl.key}
-          '';
-        };
+    ngnix = {
+      enable = true;
+      virtualHosts.${config.services.firefly-iii.virtualHost} = {
+        listen = [
+          {
+            addr = "0.0.0.0";
+            port = 8080;
+          }
+        ];
      };
    };
+    # caddy = {
+    #   virtualHosts = {
+    #     "${host}" = {
+    #       extraConfig = ''
+    #         encode gzip
+
+    #         reverse_proxy localhost:8080 {
+    #             header_up Host {host}:{server_port}
+    #             header_up X-Real-IP {remote_host}
+    #             header_up X-Forwarded-For {remote_host}
+    #             header_up X-Forwarded-Proto https
+    #             header_up X-Forwarded-Host {host}
+    #             header_up X-Forwarded-Ssl on
+    #             header_up Connection ""
+
+    #             timeout 240s
+    #             dial_timeout 240s
+    #         }
+
+    #         @session_cookie header Cookie *session*
+    #         handle @session_cookie {
+    #             header Cache-Control "no-cache, no-store, must-revalidate"
+    #         }
+
+    #         request_body {
+    #             max_size 64MB
+    #         }
+    #         tls ${service.ssl.cert} ${service.ssl.key}
+    #       '';
+    #     };
+    #   };
+    # };
  };

  sops =
@ -100,6 +111,7 @@ in
  networking = {
    firewall = {
      allowedTCPPorts = [
+        8080
        service.ports.port0
      ];
    };