]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/mermet/nginx/sourcephile.fr/www.nix
git-crypt: encrypt more files
[sourcephile-nix.git] / hosts / mermet / nginx / sourcephile.fr / www.nix
1 { domain, ... }:
2 { pkgs, lib, config, inputs, hostName, ... }:
3 let
4 inherit (config) networking;
5 inherit (config.services) nginx;
6 srv = "www";
7 root = "/var/lib/nginx/${domain}";
8 in
9 {
10 systemd.services.nginx.serviceConfig = {
11 BindPaths = [
12 "/home/julm/work/sourcephile/txt:${root}/${srv}"
13 ];
14 StateDirectory = [
15 "nginx/${domain}/${srv}"
16 ];
17 LogsDirectory = lib.mkForce [
18 "nginx/${domain}/${srv}"
19 ];
20 };
21 services.nginx = {
22 virtualHosts."${srv}.${domain}" = {
23 serverAliases = [ domain ];
24 forceSSL = true;
25 useACMEHost = domain;
26 root = "${root}/${srv}";
27 extraConfig = ''
28 access_log /var/log/nginx/${domain}/${srv}/access.log json buffer=32k;
29 error_log /var/log/nginx/${domain}/${srv}/error.log warn;
30 '';
31 locations."/".extraConfig = ''
32 #autoindex on;
33 fancyindex on;
34 fancyindex_name_length 255;
35 fancyindex_exact_size off;
36 '';
37 locations."/git".return = "302 https://git.${domain}/$request_uri";
38 locations."/versions".return = "302 https://git.${domain}/$request_uri";
39 locations."/codes_sources".return = "302 https://git.code.${domain}";
40 locations."/mails".return = "302 https://mails.${domain}/$request_uri";
41 locations."/listes".return = "302 https://mails.${domain}/$request_uri";
42 };
43 };
44 }