dotfiles/nixos/boxes/mb1/blog.nix

42 lines
958 B
Nix

{pkgs, ...}: let
path = "/var/www/blog/";
in {
imports = [../nginx.nix];
services.nginx = {
recommendedBrotliSettings = true;
recommendedGzipSettings = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
package = pkgs.nginxQuic;
virtualHosts = {
"blog.cyplo.dev" = {
forceSSL = true;
enableACME = true;
quic = true;
extraConfig = ''
'';
locations."/" = {
root = path;
};
};
"blog.cyplo.net" = {
forceSSL = true;
enableACME = true;
globalRedirect = "blog.cyplo.dev";
};
};
};
users.extraUsers.blog = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog"
];
group = "nginx";
isSystemUser = false;
isNormalUser = true;
home = path;
createHome = true;
homeMode = "750";
};
}