cilly/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

services/website: init

Browse source
This commit is contained in:
LavaDesu 2025-05-22 23:42:08 +10:00
parent f35d104f84
commit 93279eb6e6
Signed by: cilly
GPG key ID: 6500251E087653C9
4 changed files with 27 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/dandelion/default.nix
View file

@ -22,6 +22,7 @@
modules.services.nginx modules.services.nginx
modules.services.postgres modules.services.postgres
modules.services.unbound modules.services.unbound
modules.services.website
./filesystem.nix ./filesystem.nix
./kernel.nix ./kernel.nix

1
modules/default.nix
View file

@ -26,6 +26,7 @@ in {
./services/transmission.nix ./services/transmission.nix
./services/unbound.nix ./services/unbound.nix
./services/vaultwarden.nix ./services/vaultwarden.nix
./services/website.nix
]; ];
system = mkAttrsFromPaths [ system = mkAttrsFromPaths [
./system/aagl.nix ./system/aagl.nix

2
modules/services/nginx.nix
View file

@ -1,4 +1,4 @@
{ config, inputs, ... }: { { config, ... }: {
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;

24
modules/services/website.nix Normal file
View file

@ -0,0 +1,24 @@
{ inputs, ... }: {
services.nginx.virtualHosts = {
"lava.moe" = {
useACMEHost = "lava.moe";
forceSSL = true;
root = inputs.website.outPath;
};
"cdn.lava.moe" = {
useACMEHost = "lava.moe";
forceSSL = true;
root = "/persist/cdn";
};
"_" = {
default = true;
addSSL = true;
# TODO generate this somewhere
sslCertificate = "/persist/fakeCerts/fake.crt";
sslCertificateKey = "/persist/fakeCerts/fake.key";
extraConfig = ''
return 444;
'';
};
};
}