2024-03-30 20:18:12 +01:00
|
|
|
{ lib, config, ... }:
|
2021-12-04 13:13:13 +01:00
|
|
|
with lib;
|
|
|
|
|
let cfg = config.luj.nginx;
|
2022-02-26 18:39:09 +01:00
|
|
|
in
|
|
|
|
|
{
|
2021-12-04 13:13:13 +01:00
|
|
|
|
|
|
|
|
options.luj.nginx = {
|
|
|
|
|
enable = mkEnableOption "activate nginx service";
|
|
|
|
|
email = mkOption {
|
|
|
|
|
type = types.str;
|
2022-04-01 21:02:35 +02:00
|
|
|
default = "julien@malka.sh";
|
2021-12-04 13:13:13 +01:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
|
2021-12-26 15:58:55 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
2022-06-04 10:12:47 +02:00
|
|
|
security.acme.defaults.email = "${cfg.email}";
|
2021-12-04 13:13:13 +01:00
|
|
|
security.acme.acceptTerms = true;
|
2021-12-22 12:24:13 +01:00
|
|
|
users.groups.nginx = { name = "nginx"; };
|
2021-12-04 13:13:13 +01:00
|
|
|
|
|
|
|
|
services.nginx = {
|
|
|
|
|
enable = true;
|
|
|
|
|
|
2022-03-11 01:07:21 +01:00
|
|
|
recommendedGzipSettings = true;
|
2023-01-20 00:27:21 +01:00
|
|
|
recommendedOptimisation = true;
|
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
|
recommendedTlsSettings = true;
|
2021-12-04 13:13:13 +01:00
|
|
|
commonHttpConfig = ''
|
|
|
|
|
server_names_hash_bucket_size 128;
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
2022-02-26 18:39:09 +01:00
|
|
|
services.nginx.virtualHosts."404.julienmalka.me" = {
|
|
|
|
|
default = true;
|
|
|
|
|
locations."/" = {
|
|
|
|
|
root = "${./404}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-12-04 13:13:13 +01:00
|
|
|
};
|
|
|
|
|
}
|
