fix www

2026-02-13 19:06:13 +01:00 · 2026-02-13 19:06:13 +01:00 · ff5cb096de
commit ff5cb096de
parent 5807b563a1
2 changed files with 19 additions and 14 deletions
--- a/hosts/www/nginx.nix
+++ b/hosts/www/nginx.nix
@ -4,17 +4,17 @@ let
  # TODO: mkVHost
 in
 {
-  services.nginx.virtualHosts."${config.networking.fqdn}" = {
+  services.nginx.virtualHosts."www.${config.networking.domain}" = {
    default = true;
    serverAliases = [config.networking.domain];
    quic = true;
    kTLS = true;
    forceSSL = true;
    enableACME = true;
-    root = "/srv/http/www";
-    index = "index.html";
    locations."/" = {
-      try_files = "$uri $uri/ $uri.html =404";
+      root = "/srv/http/www";
+      index = "index.html";
+      tryFiles = "$uri $uri/ $uri.html =404";
    };
  };
 }
--- a/hosts/www/openssh.nix
+++ b/hosts/www/openssh.nix
@ -1,16 +1,21 @@
 { pkgs, ... }:

 {
-  users.users.deploy = {
-    description = "deploys static websites from forgejo";
-    shell = pkgs.nologin;
-    packages = [
-      pkgs.rsync
-    ];
-    openssh.authorizedKeys.keys = [
-      "command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
-    ];
-    #extraGroups = ["nginx"];
+  users = {
+    users.deploy = {
+      description = "deploys static websites from forgejo";
+      shell = "/run/current-system/sw/bin/nologin";
+      isSystemUser = true;
+      group = "deploy";
+      packages = [
+        pkgs.rsync
+      ];
+      openssh.authorizedKeys.keys = [
+        "command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
+      ];
+      #extraGroups = ["nginx"];
+    };
+    groups.deploy = {};
  };
 }