clean up nginx config
This commit is contained in:
Vinzenz Schroeter
parent
6754eed1d8
commit
b646261dd5
1 changed files with 18 additions and 61 deletions
|
|
@ -9,17 +9,9 @@ in
|
||||||
defaults.email = "acme@zerforschen.plus";
|
defaults.email = "acme@zerforschen.plus";
|
||||||
};
|
};
|
||||||
|
|
||||||
security.pam.services.nginx.setEnvironment = false;
|
|
||||||
systemd.services = {
|
systemd.services = {
|
||||||
nginx.serviceConfig = {
|
nginx.serviceConfig.SupplementaryGroups = [ "anubis" ];
|
||||||
SupplementaryGroups = [
|
anubis-main.serviceConfig.SupplementaryGroups = [ "nginx" ];
|
||||||
"shadow"
|
|
||||||
"anubis"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
anubis-main.serviceConfig = {
|
|
||||||
SupplementaryGroups = [ "nginx" ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
|
@ -32,59 +24,24 @@ in
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
|
|
||||||
virtualHosts =
|
virtualHosts = {
|
||||||
#let
|
"zerforschen.plus" = {
|
||||||
# servicesDomain = "services.zerforschen.plus";
|
addSSL = true;
|
||||||
# mkServiceConfig =
|
enableACME = true;
|
||||||
# { host, port }:
|
locations."/" = {
|
||||||
# {
|
proxyPass = "http://unix:" + anubis-domain-socket;
|
||||||
# addSSL = true;
|
|
||||||
# enableACME = true;
|
|
||||||
# locations."/" = {
|
|
||||||
# proxyPass = "http://${host}:${toString port}/";
|
|
||||||
# extraConfig = ''
|
|
||||||
# # bind to tailscale ip
|
|
||||||
# proxy_bind 100.88.118.60;
|
|
||||||
# # pam auth
|
|
||||||
# limit_except OPTIONS {
|
|
||||||
# auth_pam "Password Required";
|
|
||||||
# auth_pam_service_name "nginx";
|
|
||||||
# }
|
|
||||||
# '';
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
# pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net";
|
|
||||||
#in
|
|
||||||
{
|
|
||||||
#"code.${servicesDomain}" = lib.mkMerge [
|
|
||||||
# (mkServiceConfig {
|
|
||||||
# host = pc2;
|
|
||||||
# port = 8542;
|
|
||||||
# })
|
|
||||||
# { locations."/".proxyWebsockets = true; }
|
|
||||||
#];
|
|
||||||
#"view.${servicesDomain}" = mkServiceConfig {
|
|
||||||
# host = pc2;
|
|
||||||
# port = 1313;
|
|
||||||
#};
|
|
||||||
|
|
||||||
"zerforschen.plus" = {
|
|
||||||
addSSL = true;
|
|
||||||
enableACME = true;
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://unix:" + anubis-domain-socket;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
"blog-in-anubis" = {
|
|
||||||
root = pkgs.zerforschen-plus-content;
|
|
||||||
listen = [
|
|
||||||
{
|
|
||||||
addr = "unix:" + blog-domain-socket;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
"blog-in-anubis" = {
|
||||||
|
root = pkgs.zerforschen-plus-content;
|
||||||
|
listen = [
|
||||||
|
{
|
||||||
|
addr = "unix:" + blog-domain-socket;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
anubis.instances.main = {
|
anubis.instances.main = {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue