From 57a5740f6f9828b4a702d5418e58f9ea4f3bfc43 Mon Sep 17 00:00:00 2001 From: eyjhb Date: Tue, 3 Dec 2024 22:06:04 +0100 Subject: [PATCH] authelia-nginx: chnaged how to protect websites --- machines/gerd/services/authelia/authelia-nginx.nix | 8 ++------ machines/gerd/services/member-website/default.nix | 4 +--- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/machines/gerd/services/authelia/authelia-nginx.nix b/machines/gerd/services/authelia/authelia-nginx.nix index 96d08f2..b58399a 100644 --- a/machines/gerd/services/authelia/authelia-nginx.nix +++ b/machines/gerd/services/authelia/authelia-nginx.nix @@ -76,12 +76,8 @@ let error_page 401 =302 https://${config.mine.shared.settings.authelia.domain}/?rd=$target_url; ''; in { - # TODO: fix this - mine.shared.lib.authelia.autheliaLocation = autheliaLocation; - - mine.shared.lib.authelia.mkProtectedWebsite = { vhostConfig, endpoint ? "/" }: lib.recursiveUpdate vhostConfig { - extraConfig = (lib.attrByPath [ "extraConfig" ] "" vhostConfig) + "\n" + "include ${autheliaLocation};"; - locations."${endpoint}" = config.mine.shared.lib.authelia.mkProtectedLocation (lib.attrByPath [ "locations" endpoint ] {} vhostConfig); + mine.shared.lib.authelia.mkProtectedWebsite = websiteConfig: lib.recursiveUpdate websiteConfig { + extraConfig = (lib.attrByPath [ "extraConfig" ] "" websiteConfig) + "\n" + "include ${autheliaLocation};"; }; mine.shared.lib.authelia.mkProtectedLocation = vhostLocationConfig: lib.recursiveUpdate vhostLocationConfig { diff --git a/machines/gerd/services/member-website/default.nix b/machines/gerd/services/member-website/default.nix index c92daac..738da25 100644 --- a/machines/gerd/services/member-website/default.nix +++ b/machines/gerd/services/member-website/default.nix @@ -18,9 +18,7 @@ in { }; services.nginx.virtualHosts."${config.mine.shared.settings.domain}" = config.mine.shared.lib.authelia.mkProtectedWebsite { - endpoint = urlpath; - vhostConfig.locations."${urlpath}" = { - # extraConfig = "rewrite ^${urlpath}(.*)$ /$1 break;"; + locations."${urlpath}" = config.mine.shared.lib.authelia.mkProtectedLocation { proxyPass = "http://localhost:${builtins.toString port}"; }; };