egirls-nixos/ogdo.nix

63 lines
1.3 KiB
Nix
Raw Normal View History

2024-02-29 22:12:46 +00:00
{
users.groups.ogdo = { members = [ "nginx" "jaina" ]; };
services.nginx = {
enable = true;
# ꙮ.run
2024-10-10 05:43:48 +00:00
virtualHosts = let
2024-02-29 22:12:46 +00:00
listen = [
{
addr = "0.0.0.0";
port = 80;
}
{
port = 80;
addr = "[::]";
}
# deliberately avoid listening with https
2024-04-20 19:47:03 +00:00
{
addr = "0.0.0.0";
2024-10-10 05:43:48 +00:00
port = 443;
ssl = true;
2024-04-20 19:47:03 +00:00
}
{
2024-10-10 05:43:48 +00:00
port = 443;
ssl = true;
2024-04-20 19:47:03 +00:00
addr = "[::]";
}
];
rejectSSL = true;
2024-10-10 05:43:48 +00:00
in {
"xn--xx8a.run" = {
inherit listen rejectSSL;
root = "/srv/ogdo";
2024-04-20 19:47:03 +00:00
2024-10-10 05:43:48 +00:00
extraConfig = ''
error_page 404 /;
access_log /var/log/nginx/ogdo.log combined;
add_header 'Cache-Control' 'no-cache';
'';
2024-10-10 05:24:18 +00:00
2024-10-10 05:43:48 +00:00
locations."/" = { index = "/index.html"; };
locations."~ ^/.+" = {
root = "/srv/ogdo/served-files";
tryFiles = "$uri =404";
extraConfig = ''
default_type application/pdf;
'';
};
};
2024-10-10 05:24:18 +00:00
2024-10-10 05:43:48 +00:00
"ogdo.run" = {
inherit listen rejectSSL;
locations."/".return = "301 http://xn--xx8a.run$request_uri";
};
2024-10-10 05:24:18 +00:00
2024-10-10 05:43:48 +00:00
".run" = {
inherit listen rejectSSL;
locations."/".return = "301 http://ogdo.run$request_uri";
};
2024-10-10 05:24:18 +00:00
};
2024-02-29 22:12:46 +00:00
};
}