diff --git a/modules/nixos/services/caddy/default.nix b/modules/nixos/services/caddy/default.nix index 1d47dfd..2f18d4c 100644 --- a/modules/nixos/services/caddy/default.nix +++ b/modules/nixos/services/caddy/default.nix @@ -47,10 +47,6 @@ let handle @hass { reverse_proxy http://nuc-nixos.local:8123 } - - handle { - respond "Forbidden" 403 - } ''; }; diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 5acff67..94e5d77 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -17,6 +17,11 @@ let options = { }; moduleConfig = { + # Override the empty systemd service created by mkModule. + # The native NixOS nextcloud module doesn't create a persistent "nextcloud.service" + # (it uses PHP-FPM pools and cron instead), so we clear this to avoid the error: + # "Service has no ExecStart=, ExecStop=, or SuccessAction=. Refusing." + systemd.services.nextcloud = lib.mkForce { }; # Setup the native NixOS Nextcloud service services.nextcloud = { enable = true; @@ -80,7 +85,11 @@ let overwritehost = "cloud.mjallen.dev"; log_type = "file"; default_phone_region = "US"; - trusted_proxies = [ "10.0.1.3" ]; + trusted_proxies = [ + "10.0.1.3" + "127.0.0.1" + "::1" + ]; trusted_domains = [ "cloud.mjallen.dev" "10.0.1.3:${toString cfg.port}" diff --git a/systems/x86_64-linux/jallen-nas/apps.nix b/systems/x86_64-linux/jallen-nas/apps.nix index 9b7b8c9..18779f4 100755 --- a/systems/x86_64-linux/jallen-nas/apps.nix +++ b/systems/x86_64-linux/jallen-nas/apps.nix @@ -149,7 +149,7 @@ in reverseProxy = disabled; }; lemonade = { - enable = true; + enable = false; port = 8001; modelsDir = "/media/nas/main/ai/lemonade/models"; reverseProxy = disabled; @@ -188,6 +188,10 @@ in nextcloud = { enable = true; port = 9988; + reverseProxy = { + enable = true; + subdomain = "cloud"; + }; }; ntfy = { enable = true;