diff --git a/modules/users/overseer/acme.nix b/modules/users/overseer/acme.nix index fbcc88f..a1d84d3 100644 --- a/modules/users/overseer/acme.nix +++ b/modules/users/overseer/acme.nix @@ -40,6 +40,7 @@ lib.mkIf config.user.overseer.enable { "homebox.wanderingcrow.net" = {}; "bookstack.wanderingcrow.net" = {}; "grocy.wanderingcrow.net" = {}; + "cache.wanderingcrow.net" = {}; }; }; } diff --git a/modules/users/overseer/services/attic.nix b/modules/users/overseer/services/attic.nix index f0a9dfc..130502b 100644 --- a/modules/users/overseer/services/attic.nix +++ b/modules/users/overseer/services/attic.nix @@ -14,23 +14,39 @@ lib.mkIf config.user.overseer.enable { AWS_SECRET_ACCESS_KEY=${config.sops.placeholder."aws/secret_key"} ''; }; - services.atticd = { - enable = true; - mode = "monolithic"; - environmentFile = config.sops.templates."attic-env".path; - settings = { - listen = "[::]:8080"; - jwt = {}; - chunking = { - nar-size-threshold = 64 * 1024; # 64 KiB - min-size = 16 * 1024; # 16 KiB - avg-size = 64 * 1024; # 64 KiB - max-size = 256 * 1024; # 256 KiB + services = { + atticd = { + enable = true; + mode = "monolithic"; + environmentFile = config.sops.templates."attic-env".path; + settings = { + listen = "[::]:8080"; + jwt = {}; + chunking = { + nar-size-threshold = 64 * 1024; # 64 KiB + min-size = 16 * 1024; # 16 KiB + avg-size = 64 * 1024; # 64 KiB + max-size = 256 * 1024; # 256 KiB + }; + storage = { + type = "s3"; + region = "us-east-1"; + bucket = "wce-20250209044958802100000001"; + }; }; - storage = { - type = "s3"; - region = "us-east-1"; - bucket = "wce-20250209044958802100000001"; + nginx = { + enable = true; + recommendedProxySettings = true; + virtualHosts = { + "cache.wanderingcrow.net" = { + forceSSL = true; + useACMEHost = "cache.wanderingcrow.net"; + locations."/" = { + proxyPass = "http://localhost:8080"; + proxyWebsockets = true; + }; + }; + }; }; }; };