set up SSL for jellyfin server
note: assumes that the mediaserver is hosting jellyfin. consider separating these concerns?
This commit is contained in:
Haak Saxberg
parent
97604c537a
commit
af7d66ac10
2 changed files with 8 additions and 2 deletions
|
|
@ -1,3 +1,5 @@
|
|||
{ lib, ... }:
|
||||
|
||||
{
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
|
|
@ -17,6 +19,8 @@
|
|||
|
||||
services.jellyfin.enable = true;
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.defaults.email = lib.strings.fileContents ../../../../secrets/letsencrypt/mediaserver/email;
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedGzipSettings = true;
|
||||
|
|
@ -24,7 +28,9 @@
|
|||
recommendedProxySettings = true;
|
||||
recommendedTlsSettings = true;
|
||||
|
||||
virtualHosts."mediaserver" = {
|
||||
virtualHosts."${lib.strings.fileContents ../../../../secrets/letsencrypt/mediaserver/domain}" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
# http2 can more performant for streaming: https://blog.cloudflare.com/introducing-http2/
|
||||
http2 = true;
|
||||
|
||||
|
|
|
|||
2
secrets
2
secrets
|
|
@ -1 +1 @@
|
|||
Subproject commit 70b9503c98eb2f690a6c7461549ca59be3089db2
|
||||
Subproject commit b914c37721237fc8f22edfa19b83a7bdc3d4ff83
|
||||
Loading…
Add table
Add a link
Reference in a new issue