lemmy: upstream the proxy headers
This commit is contained in:
parent
242541304e
commit
6129fbf2b3
|
@ -68,17 +68,6 @@ in {
|
|||
services.nginx.virtualHosts."lemmy.uninsane.org" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
# XXX(2024/04/25): fix that incoming federation actions are rejected for invalid HTTP signatures.
|
||||
# see: <https://github.com/NixOS/nixpkgs/pull/284562#issuecomment-2079104081>
|
||||
# of all these, we only *need* the `Host` header. the others are just nice-to-have.
|
||||
locations."/".extraConfig = ''
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
'';
|
||||
};
|
||||
|
||||
sane.dns.zones."uninsane.org".inet.CNAME."lemmy" = "native";
|
||||
|
|
|
@ -32,6 +32,14 @@ in [
|
|||
# etc, where "date" is like "20240228181608"
|
||||
# and can be found with `nix-repl > :lf . > lastModifiedDate`
|
||||
|
||||
(fetchpatch' {
|
||||
# see: <https://github.com/NixOS/nixpkgs/pull/284562#issuecomment-2079104081>
|
||||
title = "nixos/lemmy: fix nginx backend to proxy needed headers";
|
||||
prUrl = "https://github.com/NixOS/nixpkgs/pull/306984";
|
||||
saneCommit = "bd87a38b86f889a6902a356ab415eeead881766b";
|
||||
hash = "sha256-53X4ssdp02C8NOUL5mlbhR7qwE9/KWp6iLmz1ljJopE=";
|
||||
})
|
||||
|
||||
(fetchpatch' {
|
||||
title = "libjxl: fix cross compilation by only conditionally enabling plugins";
|
||||
prUrl = "https://github.com/NixOS/nixpkgs/pull/306127";
|
||||
|
|
Loading…
Reference in New Issue