services: paperless: restrict to Tailscale
This commit is contained in:
parent
f0e5e90c10
commit
8eb1fe5001
|
@ -25,6 +25,20 @@ in
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
useACMEHost = domain;
|
useACMEHost = domain;
|
||||||
|
|
||||||
|
listen = [
|
||||||
|
# FIXME: hardcoded tailscale IP
|
||||||
|
{
|
||||||
|
addr = "100.80.61.67";
|
||||||
|
port = 443;
|
||||||
|
ssl = true;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
addr = "100.80.61.67";
|
||||||
|
port = 80;
|
||||||
|
ssl = false;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
proxyPass = "http://127.0.0.1:${toString cfg.port}";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
|
|
Loading…
Reference in a new issue