fix: allow incoming traffic to web server to bypass tailscale
This commit is contained in:
parent
41a222bc8f
commit
7bb4b02d52
2 changed files with 21 additions and 2 deletions
system
|
@ -36,10 +36,11 @@ in {
|
|||
${cfg.package}/bin/tailscale up ${lib.escapeShellArgs cfg.extraUpFlags}
|
||||
|
||||
${cfg.package}/bin/tailscale cert ${tailnetHost}
|
||||
chown nginx:nginx /var/lib/tailscale/certs/${tailnetHost}.{key,crt}
|
||||
'';
|
||||
|
||||
services.nginx.virtualHosts.${tailnetHost} = {
|
||||
sslCertificate = "/var/lib/tailscale/certs/${tailnetHost}.key";
|
||||
sslCertificateKey = "/var/lib/tailscale/certs/${tailnetHost}.crt";
|
||||
sslCertificate = "/var/lib/tailscale/certs/${tailnetHost}.crt";
|
||||
sslCertificateKey = "/var/lib/tailscale/certs/${tailnetHost}.key";
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue