proxy authentik and dav with sso

2025-01-21 00:16:31 +00:00 · 2025-01-21 00:16:31 +00:00 · 5bbfdddaaa
commit 5bbfdddaaa
parent 3a98bf89b6
4 changed files with 70 additions and 58 deletions
--- a/hosts/cloud/proxy/default.nix
+++ b/hosts/cloud/proxy/default.nix
@ -2,7 +2,7 @@
 {
  imports = [
    ./auth.nix
-    ./dav-htaccess.nix
+    ./dav.nix
  ];

  networking.firewall.allowedTCPPorts = [
@ -16,14 +16,15 @@
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedTlsSettings = true;
-    recommendedProxySettings = true;

    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";

    appendHttpConfig = ''
-      proxy_buffers 4 256k;
-      proxy_buffer_size 128k;
-      proxy_busy_buffers_size 256k;
+      # upgrade websockets
+      map $http_upgrade $connection_upgrade_keepalive {
+        default upgrade;
+        '''      ''';
+      }

      ### TLS
      # Add HSTS header with preloading to HTTPS requests.