services: paperless: restrict to Tailscale
This commit is contained in:
parent
f0e5e90c10
commit
8eb1fe5001
|
@ -25,6 +25,20 @@ in
|
|||
forceSSL = true;
|
||||
useACMEHost = domain;
|
||||
|
||||
listen = [
|
||||
# FIXME: hardcoded tailscale IP
|
||||
{
|
||||
addr = "100.80.61.67";
|
||||
port = 443;
|
||||
ssl = true;
|
||||
}
|
||||
{
|
||||
addr = "100.80.61.67";
|
||||
port = 80;
|
||||
ssl = false;
|
||||
}
|
||||
];
|
||||
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||
proxyWebsockets = true;
|
||||
|
|
Loading…
Reference in a new issue