From 7fc3a74329600e1fce94a3a864bd830eec08d1ca Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 27 Mar 2021 15:48:49 +0000 Subject: [PATCH] services: use explicit loopback address w/ vhosts Otherwise it can result in failure to proxy requests sometimes... --- services/calibre-web.nix | 2 +- services/drone.nix | 2 +- services/gitea.nix | 2 +- services/indexers.nix | 4 ++-- services/jellyfin.nix | 2 +- services/miniflux.nix | 2 +- services/nextcloud.nix | 2 +- services/pirate.nix | 2 +- services/sabnzbd.nix | 2 +- services/transmission.nix | 2 +- 10 files changed, 11 insertions(+), 11 deletions(-) diff --git a/services/calibre-web.nix b/services/calibre-web.nix index 57d0e69..f7b4695 100644 --- a/services/calibre-web.nix +++ b/services/calibre-web.nix @@ -46,7 +46,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString cfg.port}/"; + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}/"; }; my.services.backup = { diff --git a/services/drone.nix b/services/drone.nix index d3314b4..7c026bc 100644 --- a/services/drone.nix +++ b/services/drone.nix @@ -113,7 +113,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString cfg.port}"; + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}"; }; # Docker runner diff --git a/services/gitea.nix b/services/gitea.nix index 806812d..ea739d5 100644 --- a/services/gitea.nix +++ b/services/gitea.nix @@ -64,7 +64,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString cfg.port}/"; + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.port}/"; }; my.services.backup = { diff --git a/services/indexers.nix b/services/indexers.nix index f7f405a..07e0f52 100644 --- a/services/indexers.nix +++ b/services/indexers.nix @@ -26,7 +26,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString jackettPort}/"; + locations."/".proxyPass = "http://127.0.0.1:${toString jackettPort}/"; }; services.nzbhydra2 = lib.mkIf cfg.nzbhydra.enable { @@ -38,7 +38,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString nzbhydraPort}/"; + locations."/".proxyPass = "http://127.0.0.1:${toString nzbhydraPort}/"; }; }; } diff --git a/services/jellyfin.nix b/services/jellyfin.nix index b420892..dc48354 100644 --- a/services/jellyfin.nix +++ b/services/jellyfin.nix @@ -22,7 +22,7 @@ in useACMEHost = domain; locations."/" = { - proxyPass = "http://localhost:8096/"; + proxyPass = "http://127.0.0.1:8096/"; proxyWebsockets = true; }; }; diff --git a/services/miniflux.nix b/services/miniflux.nix index 8f7b438..035bfaf 100644 --- a/services/miniflux.nix +++ b/services/miniflux.nix @@ -61,7 +61,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString cfg.privatePort}/"; + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.privatePort}/"; }; }; } diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 3354436..d52e32a 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -63,7 +63,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:3000/"; + locations."/".proxyPass = "http://127.0.0.1:3000/"; }; my.services.backup = { diff --git a/services/pirate.nix b/services/pirate.nix index bb6a97c..2eb490b 100644 --- a/services/pirate.nix +++ b/services/pirate.nix @@ -28,7 +28,7 @@ let forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${builtins.toString port}/"; + locations."/".proxyPass = "http://127.0.0.1:${builtins.toString port}/"; }) ports); in diff --git a/services/sabnzbd.nix b/services/sabnzbd.nix index d1dfa48..ebeef8b 100644 --- a/services/sabnzbd.nix +++ b/services/sabnzbd.nix @@ -22,7 +22,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString port}"; + locations."/".proxyPass = "http://127.0.0.1:${toString port}"; }; }; } diff --git a/services/transmission.nix b/services/transmission.nix index 59100d8..316973d 100644 --- a/services/transmission.nix +++ b/services/transmission.nix @@ -81,7 +81,7 @@ in forceSSL = true; useACMEHost = domain; - locations."/".proxyPass = "http://localhost:${toString cfg.privatePort}"; + locations."/".proxyPass = "http://127.0.0.1:${toString cfg.privatePort}"; }; networking.firewall = {