Disabled https

2025-05-28 19:26:11 +02:00 · 2025-05-28 19:26:11 +02:00 · 13fbcea361
commit 13fbcea361
parent 36c2c907d5
1 changed files with 12 additions and 32 deletions
--- a/hosts/vm-vpn/configuration.nix
+++ b/hosts/vm-vpn/configuration.nix
@ -20,39 +20,19 @@
  # Setup wstunnel server
  services.wstunnel = {
    enable = true;
-    servers.wg-tunnel =
-      let
-        tlsFiles = pkgs.stdenvNoCC.mkDerivation {
-          name = "tls-files";
-          phases = [
-            "buildPhase"
-            "installPhase"
-          ];
-          buildPhase = ''
-            ${pkgs.openssl}/bin/openssl genrsa > privkey.pem
-            ${pkgs.openssl}/bin/openssl req -new -x509 -batch -key privkey.pem > fullchain.pem
-          '';
-          installPhase = ''
-            mkdir -p $out
-            cp privkey.pem fullchain.pem $out/
-          '';
-        };
-      in
-      {
-        enableHTTPS = true;
-        listen = {
-          host = "0.0.0.0";
-          port = 8080;
-        };
-        restrictTo = [
-          {
-            host = "10.10.40.100";
-            port = 51820;
-          }
-        ];
-        tlsCertificate = "${tlsFiles}/fullchain.pem";
-        tlsKey = "${tlsFiles}/privkey.pem";
+    servers.wg-tunnel = {
+      enableHTTPS = false;
+      listen = {
+        host = "0.0.0.0";
+        port = 8080;
      };
+      restrictTo = [
+        {
+          host = "10.10.40.100";
+          port = 51820;
+        }
+      ];
+    };
  };
  networking.firewall = {
    allowedTCPPorts = [ 8080 ];