diff --git a/systems/x86_64-linux/sgx/acme.nix b/systems/x86_64-linux/sgx/acme.nix index f3ed939..e8e6e3e 100644 --- a/systems/x86_64-linux/sgx/acme.nix +++ b/systems/x86_64-linux/sgx/acme.nix @@ -1,5 +1,8 @@ -{ config -, ... +{ + pkgs, + lib, + config, + ... }: { sops.secrets.internetbs = { @@ -14,12 +17,8 @@ credentialsFile = config.sops.secrets.internetbs.path; }; certs = { - "internal.hoyer.world" = { - extraDomainNames = [ - "openwebui.hoyer.world" - "syncthing.hoyer.world" - ]; - }; + "openwebui.hoyer.world" = { }; + "syncthing.hoyer.world" = { }; }; }; } diff --git a/systems/x86_64-linux/sgx/nginx.nix b/systems/x86_64-linux/sgx/nginx.nix index 96a7761..6d86d9f 100644 --- a/systems/x86_64-linux/sgx/nginx.nix +++ b/systems/x86_64-linux/sgx/nginx.nix @@ -1,5 +1,8 @@ -{ config -, ... +{ + pkgs, + lib, + config, + ... }: { users.users.nginx.extraGroups = [ "acme" ]; @@ -20,7 +23,7 @@ virtualHosts = { "openwebui.hoyer.world" = { enableACME = false; - useACMEHost = "internal.hoyer.world"; + useACMEHost = "openwebui.hoyer.world"; forceSSL = true; locations."/" = { proxyPass = "http://127.0.0.1:${toString config.services.open-webui.port}"; @@ -29,7 +32,7 @@ }; "syncthing.hoyer.world" = { enableACME = false; - useACMEHost = "internal.hoyer.world"; + useACMEHost = "syncthing.hoyer.world"; forceSSL = true; locations."/" = { proxyPass = "http://127.0.0.1:8384"; diff --git a/systems/x86_64-linux/sgx/openwebui.nix b/systems/x86_64-linux/sgx/openwebui.nix index 3605a1f..0c91512 100644 --- a/systems/x86_64-linux/sgx/openwebui.nix +++ b/systems/x86_64-linux/sgx/openwebui.nix @@ -3,14 +3,12 @@ services.open-webui = { enable = true; port = 8080; - host = "127.0.0.1"; + host = "0.0.0.0"; environment = { ANONYMIZED_TELEMETRY = "False"; DO_NOT_TRACK = "True"; SCARF_NO_ANALYTICS = "True"; - ENABLE_OLLAMA_API = "True"; OLLAMA_API_BASE_URL = "http://m4.local:11434"; - ENABLE_OPENAI_API = "False"; # Disable authentication WEBUI_AUTH = "False"; };