Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(Infini-SERVER): finish nginx/nitter setup

Browse source
This commit is contained in:
Infinidoge 2022-11-07 12:17:35 -05:00
parent 5fb50d467d
commit cdd6adf4a3
1 changed files with 43 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

53
hosts/Infini-SERVER/default.nix
View file

@ -1,4 +1,4 @@
{ suites, profiles, pkgs, lib, ... }: { { config, suites, profiles, pkgs, lib, ... }: {
imports = lib.flatten [ imports = lib.flatten [
(with suites; [ base ]) (with suites; [ base ])
@ -48,23 +48,51 @@
]; ];
}; };
age.secrets."inx.moe.pem".owner = "nginx";
age.secrets."inx.moe.pem".group = "nginx";
age.secrets."inx.moe.key".owner = "nginx";
age.secrets."inx.moe.key".group = "nginx";
services = { services = {
nginx = { nginx =
enable = true; let
virtualHosts = { cfg = config.services.nginx;
"nitter.inx.moe" = { ssl = { sslCertificate = config.secrets."inx.moe.pem"; sslCertificateKey = config.secrets."inx.moe.key"; forceSSL = true; };
enableACME = true; in
forceSSL = true; {
locations."/" = { enable = true;
proxyPass = "http://localhost:8000";
statusPage = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"*.inx.moe" = ssl // {
listen = lib.flatten
(map
(addr: [
{ inherit addr; port = 443; ssl = true; }
{ inherit addr; port = 80; ssl = false; }
])
cfg.defaultListenAddresses);
globalRedirect = "inx.moe";
};
"nitter.inx.moe" = ssl // {
locations."/" = {
proxyPass = "http://localhost:8000";
};
}; };
}; };
}; };
};
nitter = rec { nitter = rec {
enable = true; enable = true;
server = { server = {
title = "Nitter | inx.moe";
port = 8000; port = 8000;
hostname = "nitter.inx.moe"; hostname = "nitter.inx.moe";
}; };
@ -76,4 +104,9 @@
}; };
}; };
}; };
networking.firewall = {
allowedUDPPorts = [ 80 443 ];
allowedTCPPorts = [ 80 443 ];
};
} }