diff --git a/nixos/hosts/osaka-linode-01/firewall.nix b/nixos/hosts/osaka-linode-01/firewall.nix index e01d7886..bcb87994 100644 --- a/nixos/hosts/osaka-linode-01/firewall.nix +++ b/nixos/hosts/osaka-linode-01/firewall.nix @@ -58,25 +58,19 @@ timeout client 30s timeout server 30s maxconn 3000 - log global + log global frontend http mode http bind :80 + bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem + http-request redirect scheme https unless { ssl_fc } option forwardfor default_backend backend_http backend backend_http mode http - server framework-server 10.100.0.2 + server framework-server 10.100.0.2:443 ssl verify required ca-file @system-ca - frontend https - mode tcp - bind :443 ssl crt /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem - default_backend backend_https - backend backend_http - mode http - server framework-server 10.100.0.2:443 ssl verity required ca-file /Storage/Data/Docker/sysctl.io/letsencrypt/external/*.sysctl.io/combined.pem - frontend tcp mode tcp bind :42420