From d04005b782e11d628f14bfffd0b0c2b5faeec591 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 6 Sep 2025 20:43:21 +0200 Subject: [PATCH] fix brackets --- hosts/hetzner-vpn2/nginx.nix | 128 ++++++++++++++++++----------------- 1 file changed, 65 insertions(+), 63 deletions(-) diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index 7d161c3..e9955a3 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -22,68 +22,70 @@ in }; }; - services.nginx = { - enable = true; - additionalModules = [ pkgs.nginxModules.pam ]; + services = { + nginx = { + enable = true; + additionalModules = [ pkgs.nginxModules.pam ]; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; - virtualHosts = - #let - # servicesDomain = "services.zerforschen.plus"; - # mkServiceConfig = - # { host, port }: - # { - # addSSL = true; - # enableACME = true; - # locations."/" = { - # proxyPass = "http://${host}:${toString port}/"; - # extraConfig = '' - # # bind to tailscale ip - # proxy_bind 100.88.118.60; - # # pam auth - # limit_except OPTIONS { - # auth_pam "Password Required"; - # auth_pam_service_name "nginx"; - # } - # ''; - # }; - # }; - # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - #in - { - #"code.${servicesDomain}" = lib.mkMerge [ - # (mkServiceConfig { - # host = pc2; - # port = 8542; - # }) - # { locations."/".proxyWebsockets = true; } - #]; - #"view.${servicesDomain}" = mkServiceConfig { - # host = pc2; - # port = 1313; - #}; + virtualHosts = + #let + # servicesDomain = "services.zerforschen.plus"; + # mkServiceConfig = + # { host, port }: + # { + # addSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://${host}:${toString port}/"; + # extraConfig = '' + # # bind to tailscale ip + # proxy_bind 100.88.118.60; + # # pam auth + # limit_except OPTIONS { + # auth_pam "Password Required"; + # auth_pam_service_name "nginx"; + # } + # ''; + # }; + # }; + # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + #in + { + #"code.${servicesDomain}" = lib.mkMerge [ + # (mkServiceConfig { + # host = pc2; + # port = 8542; + # }) + # { locations."/".proxyWebsockets = true; } + #]; + #"view.${servicesDomain}" = mkServiceConfig { + # host = pc2; + # port = 1313; + #}; - "zerforschen.plus" = { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = ("http://unix:" + anubis-domain-socket); + "zerforschen.plus" = { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = ("http://unix:" + anubis-domain-socket); + }; + }; + + "vinzenz-lpt2-in-anubis" = { + root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; + listen = [ + { + addr = ("unix:" + blog-domain-socket); + } + ]; }; }; - - "vinzenz-lpt2-in-anubis" = { - root = inputs.zerforschen-plus.packages."${pkgs.system}".zerforschen-plus-content; - listen = [ - { - addr = ("unix:" + blog-domain-socket); - } - ]; - }; - }; + }; anubis = { instances.main = { @@ -94,11 +96,11 @@ in }; }; }; - - networking.firewall.allowedTCPPorts = [ - 80 - 443 - 5201 - ]; }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 5201 + ]; }