]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/mermet/nginx.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
losurdo: transmission: relax periodic stopping to every 15min
[sourcephile-nix.git] / hosts / mermet / nginx.nix
1 { pkgs, lib, config, ... }:
2 let
3 inherit (config) networking;
4 inherit (config.services) nginx;
5 in
6 {
7 imports = [
8 ../../nixos/profiles/services/nginx.nix
9 nginx/autogeree.net.nix
10 nginx/sourcephile.fr.nix
11 ];
12 users.groups."acme".members = [nginx.user];
13 users.groups."keys".members = [nginx.user];
14 networking.nftables.ruleset = ''
15 add rule inet filter net2fw tcp dport 80 counter accept comment "HTTP"
16 add rule inet filter net2fw tcp dport 443 counter accept comment "HTTPS"
17 '';
18 fileSystems."/var/lib/nginx" = {
19 device = "rpool/var/www";
20 fsType = "zfs";
21 };
22 services.nginx = {
23 enable = true;
24 package = pkgs.nginx.override {
25 modules = with pkgs.nginxModules; [
26 fancyindex
27 ];
28 };
29 resolver = {
30 addresses = [ "127.0.0.1:53" ];
31 valid = "";
32 };
33 virtualHosts."_" = {
34 forceSSL = true;
35 useACMEHost = networking.domain;
36 };
37 };
38 }
NixOS configurations for Sourcephile's infrastructure