Merge pull request 'fix: nginx config for pub.solar website' (#22) from fix-nginx into main
Reviewed-on: pub-solar/infra-new#22 Reviewed-by: hensoko <hensoko@gssws.de>
This commit is contained in:
commit
8a0ac64eac
|
@ -1,12 +1,25 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d '/srv/www/pub.solar' 0750 hakkonaut hakkonaut - -"
|
||||||
|
];
|
||||||
|
|
||||||
services.nginx.virtualHosts = {
|
services.nginx.virtualHosts = {
|
||||||
"www.pub.solar".locations."/".extraConfig = "return 301 https://pub.solar$request_uri";
|
"www.pub.solar" = {
|
||||||
|
enableACME = true;
|
||||||
|
addSSL = true;
|
||||||
|
locations."/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
return 301 https://pub.solar$request_uri;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
"pub.solar" = {
|
"pub.solar" = {
|
||||||
default = true;
|
default = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
|
||||||
locations = {
|
locations = {
|
||||||
# serve base domain pub.solar for mastodon.pub.solar
|
# serve base domain pub.solar for mastodon.pub.solar
|
||||||
|
@ -21,7 +34,7 @@
|
||||||
"/.well-known/webfinger" = {
|
"/.well-known/webfinger" = {
|
||||||
# Redirect requests that match /.well-known/webfinger?resource=* to Mastodon
|
# Redirect requests that match /.well-known/webfinger?resource=* to Mastodon
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
if ($arg_resource) = {
|
if ($arg_resource) {
|
||||||
return 301 https://mastodon.pub.solar$request_uri;
|
return 301 https://mastodon.pub.solar$request_uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -32,14 +45,14 @@
|
||||||
|
|
||||||
"/satzung" = {
|
"/satzung" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
return 302 /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy;
|
return 302 https://cloud.pub.solar/s/2tRCP9aZFCiWxQy;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
"/" = {
|
"/" = {
|
||||||
root = "/srv/www/pub.solar";
|
root = "/srv/www/pub.solar";
|
||||||
index = "index.html";
|
index = "index.html";
|
||||||
tryFiles = "$uri $uri/";
|
tryFiles = "$uri $uri/ =404";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -20,8 +20,4 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [80 443];
|
networking.firewall.allowedTCPPorts = [80 443];
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"d '/srv/www/pub.solar' 0750 hakkonaut hakkonaut - -"
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -41,7 +41,8 @@
|
||||||
|
|
||||||
users.users.hakkonaut = {
|
users.users.hakkonaut = {
|
||||||
description = "CI and automation user";
|
description = "CI and automation user";
|
||||||
home = "/var/nix/iso-cache";
|
home = "/home/hakkonaut";
|
||||||
|
createHome = true;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
uid = 998;
|
uid = 998;
|
||||||
group = "hakkonaut";
|
group = "hakkonaut";
|
||||||
|
|
Loading…
Reference in a new issue