xengi/infra
0
1
Fork 0
Code Pull requests Activity Actions

fix www

Browse source
This commit is contained in:
XenGi 2026-02-13 19:06:13 +01:00
parent 5807b563a1
commit ff5cb096de
Signed by: xengi
SSH key fingerprint: SHA256:jxWM2RTHvxxcncXycwwWkP7HCWb4VREN05UGJTbIPZg
2 changed files with 19 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

8
hosts/www/nginx.nix
View file

@ -4,17 +4,17 @@ let
# TODO: mkVHost # TODO: mkVHost
in in
{ {
services.nginx.virtualHosts."${config.networking.fqdn}" = { services.nginx.virtualHosts."www.${config.networking.domain}" = {
default = true; default = true;
serverAliases = [config.networking.domain]; serverAliases = [config.networking.domain];
quic = true; quic = true;
kTLS = true; kTLS = true;
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
root = "/srv/http/www";
index = "index.html";
locations."/" = { locations."/" = {
try_files = "$uri $uri/ $uri.html =404"; root = "/srv/http/www";
index = "index.html";
tryFiles = "$uri $uri/ $uri.html =404";
}; };
}; };
} }

25
hosts/www/openssh.nix
View file

@ -1,16 +1,21 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
users.users.deploy = { users = {
description = "deploys static websites from forgejo"; users.deploy = {
shell = pkgs.nologin; description = "deploys static websites from forgejo";
packages = [ shell = "/run/current-system/sw/bin/nologin";
pkgs.rsync isSystemUser = true;
]; group = "deploy";
openssh.authorizedKeys.keys = [ packages = [
"command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www" pkgs.rsync
]; ];
#extraGroups = ["nginx"]; openssh.authorizedKeys.keys = [
"command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
];
#extraGroups = ["nginx"];
};
groups.deploy = {};
}; };
} }