From 21804ebc849ed04e58a10542f2b556ae447b6a80 Mon Sep 17 00:00:00 2001 From: Dionysis Grigoropoulos Date: Thu, 9 May 2024 16:52:20 +0300 Subject: [PATCH] master: Add config to force https for the endpoint --- examples/master.nix | 4 ++++ nix/master.nix | 10 +++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/examples/master.nix b/examples/master.nix index 9aff69e..f8fab53 100644 --- a/examples/master.nix +++ b/examples/master.nix @@ -69,4 +69,8 @@ # forceSSL = true; # enableACME = true; #}; + + # Optional: If buildbot is setup to run behind another proxy that does TLS + # termination set this to true to have buildbot use https:// for its endpoint + #useHTTPS = true; } diff --git a/nix/master.nix b/nix/master.nix index 18bc93f..3921576 100644 --- a/nix/master.nix +++ b/nix/master.nix @@ -187,6 +187,14 @@ in example = "https://buildbot-webhooks.numtide.com/"; default = config.services.buildbot-master.buildbotUrl; }; + useHTTPS = lib.mkOption { + type = lib.types.nullOr lib.types.bool; + default = false; + description = '' + If buildbot is setup behind a reverse proxy other than the configured nginx set this to true + to force the endpoint to use https:// instead of http://. + ''; + }; outputsPath = lib.mkOption { type = lib.types.nullOr lib.types.path; @@ -292,7 +300,7 @@ in buildbotUrl = let host = config.services.nginx.virtualHosts.${cfg.domain}; - hasSSL = host.forceSSL || host.addSSL; + hasSSL = host.forceSSL || host.addSSL || cfg.useHTTPS; in "${if hasSSL then "https" else "http"}://${cfg.domain}/"; dbUrl = config.services.buildbot-nix.master.dbUrl;