62 lines
1.3 KiB
Nix
62 lines
1.3 KiB
Nix
{
|
|
users.groups.ogdo = { members = [ "nginx" "jaina" ]; };
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
# ꙮ.run
|
|
virtualHosts = let
|
|
listen = [
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 80;
|
|
}
|
|
{
|
|
port = 80;
|
|
addr = "[::]";
|
|
}
|
|
# deliberately avoid listening with https
|
|
{
|
|
addr = "0.0.0.0";
|
|
port = 443;
|
|
ssl = true;
|
|
}
|
|
{
|
|
port = 443;
|
|
ssl = true;
|
|
addr = "[::]";
|
|
}
|
|
];
|
|
rejectSSL = true;
|
|
in {
|
|
"xn--xx8a.run" = {
|
|
inherit listen rejectSSL;
|
|
root = "/srv/ogdo";
|
|
|
|
extraConfig = ''
|
|
error_page 404 /;
|
|
access_log /var/log/nginx/ogdo.log combined;
|
|
add_header 'Cache-Control' 'no-cache';
|
|
'';
|
|
|
|
locations."/" = { index = "/index.html"; };
|
|
locations."~ ^/.+" = {
|
|
root = "/srv/ogdo/served-files";
|
|
tryFiles = "$uri =404";
|
|
extraConfig = ''
|
|
default_type application/pdf;
|
|
'';
|
|
};
|
|
};
|
|
|
|
"ogdo.run" = {
|
|
inherit listen rejectSSL;
|
|
locations."/".return = "301 http://xn--xx8a.run$request_uri";
|
|
};
|
|
|
|
"ꙮ.run" = {
|
|
inherit listen rejectSSL;
|
|
locations."/".return = "301 http://ogdo.run$request_uri";
|
|
};
|
|
};
|
|
};
|
|
}
|