]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/nginx/sourcephile.fr/public-inbox.nix
nix: fix install and security.pass
[sourcephile-nix.git] / servers / mermet / nginx / sourcephile.fr / public-inbox.nix
1 { domain, ... }:
2 { pkgs, lib, config, ... }:
3 let inherit (config) networking;
4 inherit (config.services) nginx public-inbox;
5 srv = "public-inbox";
6 in
7 {
8 services.nginx = {
9 virtualHosts."${srv}" = {
10 serverName = "${srv}.${domain}";
11 serverAliases = [ "mails.${domain}" ];
12 forceSSL = true;
13 useACMEHost = domain;
14 #root = "/home/julm/work/sourcephile/txt";
15 extraConfig = ''
16 access_log ${nginx.logDir}/${domain}/${srv}/access.log json buffer=32k;
17 error_log ${nginx.logDir}/${domain}/${srv}/error.log warn;
18 '';
19 locations."/".return = "302 /inbox";
20 locations."= /inbox".return = "302 /inbox/";
21 locations."/inbox".proxyPass = "http://unix:${builtins.head public-inbox.http.listenStreams}:/inbox";
22 locations."= /style/light.css".alias = pkgs.writeText "light.css" ''
23 * { background:#fff; color:#000 }
24
25 a { color:#00f; text-decoration:none }
26 a:visited { color:#808 }
27
28 *.q { color:#008 }
29
30 *.add { color:#060 }
31 *.del {color:#900 }
32 *.head { color:#000 }
33 *.hunk { color:#960 }
34
35 .hl.num { color:#f30 } /* number */
36 .hl.esc { color:#f0f } /* escape character */
37 .hl.str { color:#f30 } /* string */
38 .hl.ppc { color:#c3c } /* preprocessor */
39 .hl.pps { color:#f30 } /* preprocessor string */
40 .hl.slc { color:#099 } /* single-line comment */
41 .hl.com { color:#099 } /* multi-line comment */
42 /* .hl.opt { color:#ccc } */ /* operator */
43 /* .hl.ipl { color:#ccc } */ /* interpolation */
44
45 /* keyword groups kw[a-z] */
46 .hl.kwa { color:#f90 }
47 .hl.kwb { color:#060 }
48 .hl.kwc { color:#f90 }
49 /* .hl.kwd { color:#ccc } */
50 '';
51 };
52 };
53 systemd.services.nginx.preStart = lib.mkBefore ''
54 install -D -d -m 750 -o ${nginx.user} -g ${nginx.group} ${nginx.logDir}/${domain}/${srv}/
55 '';
56 }