diff --git a/agenix/hosts/sail/config.nix b/agenix/hosts/sail/config.nix index a06b003..86dae4d 100644 --- a/agenix/hosts/sail/config.nix +++ b/agenix/hosts/sail/config.nix @@ -69,5 +69,9 @@ nitter-config = { file = ./nitter/config.age; }; + + nitter-auth = { + file = ./nitter/auth.age; + }; }; } diff --git a/agenix/hosts/sail/nitter/auth.age b/agenix/hosts/sail/nitter/auth.age new file mode 100644 index 0000000..fe3448d --- /dev/null +++ b/agenix/hosts/sail/nitter/auth.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 MtGp6g C5+QHpB3eGllrFooaLK+9oQD85593tINMrFULP6BwkA +hWYPmH2nEBiL70xoHpY5zPpYP2GvZNrRFaheCyyFgb4 +-> ssh-ed25519 NbV4hw Jf+0XhUx+OyLPijrbWe9r0ZPjvG0fpKTJPzRo2lBSBQ +PkFvC59DidoMKbGFxdLeS+A2WRofeUsLl5FRSezWVIE +-> qJKfV-grease +T2novACQv6OJIJrNnNVby8vYTW38Tg +--- 1v41uCUA6qXJNkzYDAQhRKnJrDcQMaURSVlFFpsfA8o +S“¨\k0 ?¹ã€ZŠ4þJ"~–…›ZJæJ¹9í$éòGÿâÉ%,ä7I¯ vÄÜà!ñö¡±´zzõ¹’s“Èiü X +"ëØ_¯K diff --git a/secrets.nix b/secrets.nix index 75a4544..923c78c 100644 --- a/secrets.nix +++ b/secrets.nix @@ -23,4 +23,5 @@ in "agenix/hosts/sail/freshrss/databasePassword.age".publicKeys = sail; "agenix/hosts/sail/nitter/config.age".publicKeys = sail; + "agenix/hosts/sail/nitter/auth.age".publicKeys = sail; } diff --git a/system/nixos/nitter.nix b/system/nixos/nitter.nix index ce7f7a1..afba923 100644 --- a/system/nixos/nitter.nix +++ b/system/nixos/nitter.nix @@ -22,4 +22,25 @@ }; }; }; + + services.nginx = { + enable = true; + virtualHosts."nitter.only.internal" = { + listen = [ + { + addr = "127.0.0.1"; + port = 80; + } + ]; + + forceSSL = false; + enableACME = false; + basicAuthFile = config.age.secrets.nitter-auth.path; + + locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://127.0.0.1:8001"; + }; + }; + }; }