nixos/middleman: Working HTTPS

2022-06-06 00:57:11 +01:00
parent 7da7458a34
commit 60b2b6ec80
3 changed files with 45 additions and 3 deletions
--- a/nixos/boxes/colony/vms/estuary/default.nix
+++ b/nixos/boxes/colony/vms/estuary/default.nix
@@ -143,6 +143,16 @@
                nat = {
                  enable = true;
                  externalInterface = "wan";
+                  forwardPorts = [
+                    {
+                      port = "http";
+                      dst = allAssignments.middleman.internal.ipv4.address + ":http";
+                    }
+                    {
+                      port = "https";
+                      dst = allAssignments.middleman.internal.ipv4.address + ":https";
+                    }
+                  ];
                };
                extraRules =
                let
--- a/nixos/boxes/colony/vms/estuary/dns.nix
+++ b/nixos/boxes/colony/vms/estuary/dns.nix
@@ -234,6 +234,8 @@ in
            ns IN ALIAS ${config.networking.fqdn}.

            @ IN ALIAS ${config.networking.fqdn}.
+            http IN A ${assignments.internal.ipv4.address}
+            http IN AAAA ${allAssignments.middleman.internal.ipv6.address}

            $TTL 3
            _acme-challenge IN LUA TXT ${fileRecVal}