dotfiles/nixos/boxes/mb1/blog.nix

{pkgs, ...}: let
  path = "/var/www/blog/";
in {
  imports = [../nginx.nix];

  services.nginx = {
    recommendedBrotliSettings = true;
    recommendedGzipSettings = true;
    recommendedTlsSettings = true;
    recommendedOptimisation = true;
    package = pkgs.nginxQuic;
    virtualHosts = {
      "blog.cyplo.dev" = {
        forceSSL = true;
        enableACME = true;
        quic = true;
        extraConfig = ''
        '';
        locations."/" = {
          root = path;
        };
      };
      "blog.cyplo.net" = {
        forceSSL = true;
        enableACME = true;
        globalRedirect = "blog.cyplo.dev";
      };
    };
  };

  users.extraUsers.blog = {
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICt4yRr0Vl4rkto79Subis0LY8z3+g0VRAM7xf+YfLKO blog@mb1"
    ];
    group = "nginx";
    isSystemUser = false;
    isNormalUser = true;
    home = path;
    createHome = true;
    homeMode = "750";
  };
}
faster and more secure nginx settings for blog 2023-08-26 23:00:18 +01:00			`{pkgs, ...}: let`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`path = "/var/www/blog/";`
			`in {`
			`imports = [../nginx.nix];`
faster and more secure nginx settings for blog 2023-08-26 23:00:18 +01:00
expose blog via nginx 2023-08-12 18:15:18 +01:00			`services.nginx = {`
faster and more secure nginx settings for blog 2023-08-26 23:00:18 +01:00			`recommendedBrotliSettings = true;`
			`recommendedGzipSettings = true;`
			`recommendedTlsSettings = true;`
			`recommendedOptimisation = true;`
			`package = pkgs.nginxQuic;`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`virtualHosts = {`
port main blog domain to mb1, redirect .net to .dev 2023-08-12 21:20:37 +01:00			`"blog.cyplo.dev" = {`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`forceSSL = true;`
			`enableACME = true;`
faster and more secure nginx settings for blog 2023-08-26 23:00:18 +01:00			`quic = true;`
			`extraConfig = ''`
			`'';`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`locations."/" = {`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`root = path;`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`};`
			`};`
port main blog domain to mb1, redirect .net to .dev 2023-08-12 21:20:37 +01:00			`"blog.cyplo.net" = {`
			`forceSSL = true;`
			`enableACME = true;`
			`globalRedirect = "blog.cyplo.dev";`
			`};`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`};`
			`};`

			`users.extraUsers.blog = {`
			`openssh.authorizedKeys.keys = [`
refresh upload key 2024-12-30 15:08:55 +00:00			`"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICt4yRr0Vl4rkto79Subis0LY8z3+g0VRAM7xf+YfLKO blog@mb1"`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`];`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`group = "nginx";`
			`isSystemUser = false;`
			`isNormalUser = true;`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`home = path;`
			`createHome = true;`
			`homeMode = "750";`
expose blog via nginx 2023-08-12 18:15:18 +01:00			`};`
			`}`