hosts/aubergine/nginx.nix

   1 {
   2   pkgs,
   3   config,
   4   hostName,
   5   ...
   6 }:
   7 let
   8   inherit (config) networking;
   9   inherit (config.services) nginx;
  10 in
  11 {
  12   imports = [
  13     ../../nixos/profiles/services/nginx.nix
  14     nginx/aubergine.nix
  15   ];
  16   networking.nftables.ruleset = ''
  17     table inet filter {
  18       chain input-lan {
  19         tcp dport { http } counter accept comment "HTTP"
  20       }
  21       chain input-intra {
  22         tcp dport { http } counter accept comment "HTTP"
  23       }
  24     }
  25   '';
  26   /*
  27     fileSystems."/var/lib/nginx" = {
  28     device = "${hostName}/var/www";
  29     fsType = "zfs";
  30     };
  31   */
  32   services.nginx = {
  33     enable = true;
  34     /*
  35       package = pkgs.nginx.override {
  36         modules = with pkgs.nginxModules; [
  37           fancyindex
  38         ];
  39       };
  40     */
  41     resolver = {
  42       addresses = [ "127.0.0.1:53" ];
  43       valid = "";
  44     };
  45     virtualHosts."_" = {
  46       default = true;
  47       extraConfig = ''
  48         # Connection closed without response
  49         return 444;
  50       '';
  51     };
  52   };
  53 }