mirror of
https://github.com/JulienMalka/snowfield.git
synced 2025-03-29 07:10:51 +01:00
53 lines
1.1 KiB
Nix
53 lines
1.1 KiB
Nix
{ lib, pkgs, ... }:
|
|
{
|
|
services.codeberg-pages = {
|
|
enable = true;
|
|
package = pkgs.codeberg-pages-custom;
|
|
settings = {
|
|
ACME_ACCEPT_TERMS = "true";
|
|
ACME_EMAIL = "julien@malka.sh";
|
|
DNS_PROVIDER = "gandiv5";
|
|
ENABLE_HTTP_SERVER = "false";
|
|
GITEA_ROOT = "https://git.luj.fr";
|
|
PORT = "8010";
|
|
PAGES_DOMAIN = "luj-static.page";
|
|
RAW_DOMAIN = "raw.luj-static.page";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
|
|
security.acme.acceptTerms = true;
|
|
security.acme.defaults.email = "julien@malka.sh";
|
|
luj.nginx.enable = lib.mkForce false;
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
streamConfig = ''
|
|
map $ssl_preread_server_name $sni_upstream {
|
|
hostnames;
|
|
default 0.0.0.0:8443;
|
|
*.luj-static.page 0.0.0.0:8010;
|
|
luj.sh 0.0.0.0:8010;
|
|
}
|
|
|
|
server {
|
|
listen [::]:443;
|
|
ssl_preread on;
|
|
proxy_pass $sni_upstream;
|
|
}
|
|
|
|
'';
|
|
|
|
defaultSSLListenPort = 8443;
|
|
|
|
};
|
|
|
|
}
|