configurations/nixos/configure/smarthome/mqtt-webui: use ssl-client-auth

commit d80d38a3ccc7d966e8b3b1c463e8812439085d0e
parent cd9ac762c1999dc8f8283e0cf29efc02964249b2
Author: Katja (ctucx) <git@ctu.cx>
Date: Sun, 9 Mar 2025 17:47:05 +0100

configurations/nixos/configure/smarthome/mqtt-webui: use ssl-client-auth

2 files changed, 8 insertions(+), 3 deletions(-)

configurations/nixos/configure/smarthome/mqtt-webui/config.nix

++++---

configurations/nixos/configure/smarthome/mqtt-webui/default.nix

++++

diff --git a/configurations/nixos/configure/smarthome/mqtt-webui/config.nix b/configurations/nixos/configure/smarthome/mqtt-webui/config.nix
@@ -89,9 +89,10 @@ let
 
 in {
 
-  appName  = "Smart-Home";
-  extraCSS = "/extra.css";
-  pages    =  [
+  appName     = "Smart-Home";
+  extraCSS    = "/extra.css";
+  disableAuth = true;
+  pages       = [
     {
       id        = "mainpage";
       icon     = "favicon-512x512.png";

diff --git a/configurations/nixos/configure/smarthome/mqtt-webui/default.nix b/configurations/nixos/configure/smarthome/mqtt-webui/default.nix
@@ -10,6 +10,10 @@
       useACMEHost = "${config.networking.fqdn}";
       forceSSL    = true;
       kTLS        = true;
+      extraConfig = ''
+        ssl_client_certificate ${../../../../../secrets/certs/root_ca.crt};
+        ssl_verify_client on;
+      '';
 
       locations  = {
         "/" = {