felschr/nixos-config
1
1
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

fix(calibre-web): secure /opds

Browse source
This commit is contained in:
Felix Schröter 2022-09-04 11:23:15 +02:00
parent c74cdcb569
commit 44d15185db
Signed by: felschr
GPG key ID: 671E39E6744C807D
3 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
secrets/calibre-web/htpasswd.age Normal file
View file

Binary file not shown.

1
secrets/secrets.nix
View file

@ -25,6 +25,7 @@ in {
"owntracks/recorder.env.age".publicKeys = [ felschr home-pc home-server ];
"owntracks/htpasswd.age".publicKeys = [ felschr home-pc home-server ];
"etebase-server.age".publicKeys = [ felschr home-pc home-server ];
"calibre-web/htpasswd.age".publicKeys = [ felschr home-pc home-server ];
"miniflux.age".publicKeys = [ felschr home-pc home-server ];
"paperless.age".publicKeys = [ felschr home-pc home-server ];
"nextcloud/admin.age".publicKeys = [ felschr home-pc home-server ];

21
services/calibre-web.nix
View file

@ -2,6 +2,11 @@
let port = 8088;
in {
age.secrets.calibre-web-htpasswd = {
file = ../secrets/calibre-web/htpasswd.age;
owner = config.services.nginx.user;
};
services.calibre-web = {
enable = true;
group = "media";
@ -16,11 +21,17 @@ in {
virtualHosts."books.felschr.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://[::1]:${toString port}";
extraConfig = ''
client_max_body_size 500M;
'';
locations = {
"/" = {
proxyPass = "http://[::1]:${toString port}";
extraConfig = ''
client_max_body_size 500M;
'';
};
"/opds" = {
proxyPass = "http://[::1]:${toString port}";
basicAuthFile = config.age.secrets.calibre-web-htpasswd.path;
};
};
};
};