Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
universe/hosts/Infini-DL360/web.nix

98 lines
2.7 KiB
Nix
Raw Blame History

{
config,
common,
pkgs,
lib,
...
}:
with common.nginx;
let
tryFiles = "$uri $uri.html $uri/ =404";
websiteConfig = ''
error_page 403 /403.html;
error_page 404 /404.html;
location ^~ /.well-known { allow all; }
location = /template.html { deny all; }
location ~* "\.(nix|lock)" { deny all; }
location ~ "/\..+" { deny all; }
add_header Content-Security-Policy "default-src 'self' inx.moe files.inx.moe; frame-ancestors 'self' https://inx.moe; script-src 'self' inx.moe files.inx.moe storage.ko-fi.com; frame-src 'self' inx.moe files.inx.moe github.com;";
add_header X-Content-Type-Options "nosniff;";
'';
mkRedirect = to: ssl-optional // { globalRedirect = to; };
mkTmpRedirect = to: ssl-optional // { locations."/".return = "302 ${to}"; };
in
{
services.nginx.commonHttpConfig = ''
map $request_uri $jump_link {
default "https://inx.moe";
volatile;
include /srv/web/jump.map;
}
'';
services.nginx.virtualHosts = {
"inx.moe" = ssl-inx // {
locations."/" = {
root = "/srv/web/inx.moe/out"; # TODO: Make this less volatile
inherit tryFiles;
extraConfig =
websiteConfig
+ ''
add_header Strict-Transport-Security "max-age=2592000;";
'';
};
};
"nitter.inx.moe" = mkRedirect "twitter.com";
"sweedish.fish" = mkRedirect "swedish.fish";
"blahaj.inx.moe" = mkRedirect "swedish.fish";
"foxy.software" = mkTmpRedirect "https://inx.moe";
"j.inx.moe" = ssl-inx-optional // {
locations."/".return = "302 $jump_link";
};
"swedish.fish" = ssl-optional // {
locations."/" = {
tryFiles = "/Blahaj.png =404";
root = ./static;
};
locations."/buy".return = "301 https://www.ikea.com/us/en/p/blahaj-soft-toy-shark-90373590/";
};
"files.inx.moe" = ssl-inx // {
locations."/" = {
root = "/srv/web/files.inx.moe";
extraConfig = "autoindex on;";
};
locations."/p/" = {
root = "/srv/web/files.inx.moe";
};
};
"random.inx.moe" = ssl-inx // {
locations."/" = {
root = "/srv/web/files.inx.moe/subject";
extraConfig = "random_index on;";
};
};
"old.inx.moe" = ssl-inx-optional // {
locations."/" = {
root = "/srv/web/inx.moe/out";
inherit tryFiles;
extraConfig = websiteConfig;
};
};
"tools.inx.moe" = ssl-inx // {
locations."/" = {
root = "${pkgs.it-tools}/share";
tryFiles = "$uri $uri/ $uri.html /index.html";
};
};
};
services.uwsgi = {
enable = true;
plugins = [ "python3" ];
instance.type = "emperor";
};
}
Reference in a new issue View git blame Copy permalink