2023-08-26 23:00:18 +01:00
|
|
|
{pkgs, ...}: let
|
2023-08-13 17:00:41 +01:00
|
|
|
path = "/var/www/blog/";
|
|
|
|
|
in {
|
|
|
|
|
imports = [../nginx.nix];
|
2023-08-26 23:00:18 +01:00
|
|
|
|
2023-08-12 18:15:18 +01:00
|
|
|
services.nginx = {
|
2023-08-26 23:00:18 +01:00
|
|
|
recommendedBrotliSettings = true;
|
|
|
|
|
recommendedGzipSettings = true;
|
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
|
package = pkgs.nginxQuic;
|
2023-08-12 18:15:18 +01:00
|
|
|
virtualHosts = {
|
2023-08-12 21:20:37 +01:00
|
|
|
"blog.cyplo.dev" = {
|
2023-08-12 18:15:18 +01:00
|
|
|
forceSSL = true;
|
|
|
|
|
enableACME = true;
|
2023-08-26 23:00:18 +01:00
|
|
|
quic = true;
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
'';
|
2023-08-12 18:15:18 +01:00
|
|
|
locations."/" = {
|
2023-08-13 17:00:41 +01:00
|
|
|
root = path;
|
2023-08-12 18:15:18 +01:00
|
|
|
};
|
|
|
|
|
};
|
2023-08-12 21:20:37 +01:00
|
|
|
"blog.cyplo.net" = {
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
enableACME = true;
|
|
|
|
|
globalRedirect = "blog.cyplo.dev";
|
|
|
|
|
};
|
2023-08-12 18:15:18 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users.extraUsers.blog = {
|
|
|
|
|
openssh.authorizedKeys.keys = [
|
2023-08-12 20:47:06 +01:00
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog"
|
2023-08-13 17:00:41 +01:00
|
|
|
];
|
2023-08-12 18:15:18 +01:00
|
|
|
group = "nginx";
|
|
|
|
|
isSystemUser = false;
|
|
|
|
|
isNormalUser = true;
|
2023-08-13 17:00:41 +01:00
|
|
|
home = path;
|
|
|
|
|
createHome = true;
|
|
|
|
|
homeMode = "750";
|
2023-08-12 18:15:18 +01:00
|
|
|
};
|
|
|
|
|
}
|
