set up SSL for jellyfin server
note: assumes that the mediaserver is hosting jellyfin. consider separating these concerns?
This commit is contained in:
Haak Saxberg
parent
97604c537a
commit
af7d66ac10
2 changed files with 8 additions and 2 deletions
|
|
@ -1,3 +1,5 @@
|
||||||
|
{ lib, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
|
|
@ -17,6 +19,8 @@
|
||||||
|
|
||||||
services.jellyfin.enable = true;
|
services.jellyfin.enable = true;
|
||||||
|
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
|
security.acme.defaults.email = lib.strings.fileContents ../../../../secrets/letsencrypt/mediaserver/email;
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
|
|
@ -24,7 +28,9 @@
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
recommendedTlsSettings = true;
|
recommendedTlsSettings = true;
|
||||||
|
|
||||||
virtualHosts."mediaserver" = {
|
virtualHosts."${lib.strings.fileContents ../../../../secrets/letsencrypt/mediaserver/domain}" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
# http2 can more performant for streaming: https://blog.cloudflare.com/introducing-http2/
|
# http2 can more performant for streaming: https://blog.cloudflare.com/introducing-http2/
|
||||||
http2 = true;
|
http2 = true;
|
||||||
|
|
||||||
|
|
|
||||||
2
secrets
2
secrets
|
|
@ -1 +1 @@
|
||||||
Subproject commit 70b9503c98eb2f690a6c7461549ca59be3089db2
|
Subproject commit b914c37721237fc8f22edfa19b83a7bdc3d4ff83
|
||||||
Loading…
Add table
Add a link
Reference in a new issue