diff --git a/modules/users/overseer/acme.nix b/modules/users/overseer/acme.nix index ebe77fc..a221807 100644 --- a/modules/users/overseer/acme.nix +++ b/modules/users/overseer/acme.nix @@ -43,6 +43,7 @@ lib.mkIf config.user.overseer.enable { "homebox.wanderingcrow.net" = {}; "bookstack.wanderingcrow.net" = {}; "cache.wanderingcrow.net" = {}; + "openhab.wanderingcrow.net" = {}; }; }; } diff --git a/modules/users/overseer/services/default.nix b/modules/users/overseer/services/default.nix index e132f3d..42e642e 100644 --- a/modules/users/overseer/services/default.nix +++ b/modules/users/overseer/services/default.nix @@ -8,5 +8,6 @@ ./the-nest.nix ./umami.nix ./lubelogger.nix + ./openhab.nix ]; } diff --git a/modules/users/overseer/services/openhab.nix b/modules/users/overseer/services/openhab.nix index 8c0c3fa..c1a5110 100644 --- a/modules/users/overseer/services/openhab.nix +++ b/modules/users/overseer/services/openhab.nix @@ -8,10 +8,10 @@ in }: lib.mkIf config.user.overseer.enable { systemd.tmpfiles.rules = [ - "d ${volumePath}/openhab" - "d ${volumePath}/openhab/conf" - "d ${volumePath}/openhab/userdata" - "d ${volumePath}/openhab/addons" + "d ${volumePath}/openhab openhab" + "d ${volumePath}/openhab/conf openhab" + "d ${volumePath}/openhab/userdata openhab" + "d ${volumePath}/openhab/addons openhab" ]; ########### # Service # @@ -21,7 +21,7 @@ in backend = "podman"; containers."openhab" = { image = "openhab/openhab:5.0.0.M1"; - user = "openhab:openhab"; + extraOptions = ["--ip=10.88.0.9"]; volumes = [ "${volumePath}/openhab/conf:/openhab/conf" "${volumePath}/openhab/userdata:/openhab/userdata" @@ -29,4 +29,24 @@ in ]; }; }; + + services.nginx = { + enable = true; + recommendedProxySettings = true; + virtualHosts = { + "openhab.wanderingcrow.net" = { + forceSSL = true; + useACMEHost = "openhab.wanderingcrow.net"; + locations."/" = { + extraConfig = '' + allow 192.168.0.0/16; + allow 10.8.0.0/24; + allow 24.179.20.202; + deny all; + ''; + proxyPass = "http://10.88.0.9:8080"; + }; + }; + }; + }; }