diff --git a/modules/users/overseer/acme.nix b/modules/users/overseer/acme.nix index eac804d..0a60a33 100644 --- a/modules/users/overseer/acme.nix +++ b/modules/users/overseer/acme.nix @@ -37,6 +37,9 @@ lib.mkIf config.user.overseer.enable { }; certs = { "bar.wanderingcrow.net" = {}; + "home.wanderingcrow.net" = {}; + "homebox.wanderingcrow.net" = {}; + "bookstack.wanderingcrow.net" = {}; }; }; } diff --git a/modules/users/overseer/services/bookstack.nix b/modules/users/overseer/services/bookstack.nix index 7a3d53e..c18fb3c 100644 --- a/modules/users/overseer/services/bookstack.nix +++ b/modules/users/overseer/services/bookstack.nix @@ -33,5 +33,9 @@ in hostname = "bookstack.wanderingcrow.net"; database.createLocally = true; appKeyFile = config.sops.secrets."bookstack/key".path; + nginx = { + forceSSL = true; + useACMEHost = "bookstack.wanderingcrow.net"; + }; }; } diff --git a/modules/users/overseer/services/homebox.nix b/modules/users/overseer/services/homebox.nix index d70064f..b3f7834 100644 --- a/modules/users/overseer/services/homebox.nix +++ b/modules/users/overseer/services/homebox.nix @@ -23,6 +23,8 @@ lib.mkIf config.user.overseer.enable { recommendedProxySettings = true; virtualHosts = { "homebox.wanderingcrow.net" = { + forceSSL = true; + useACMEHost = "homebox.wanderingcrow.net"; locations."/" = { proxyPass = "http://localhost:7745"; proxyWebsockets = true; diff --git a/modules/users/overseer/services/homepage.nix b/modules/users/overseer/services/homepage.nix index e1df9fa..bc99902 100644 --- a/modules/users/overseer/services/homepage.nix +++ b/modules/users/overseer/services/homepage.nix @@ -19,6 +19,8 @@ lib.mkIf config.user.overseer.enable { recommendedProxySettings = true; virtualHosts = { "home.wanderingcrow.net" = { + forceSSL = true; + useACMEHost = "home.wanderingcrow.net"; locations."/" = { extraConfig = '' allow 192.168.0.0/16;