nginx: add more fields to JSON log

[sourcephile-nix.git] / hosts / mermet / nginx.nix

diff --git a/hosts/mermet/nginx.nix b/hosts/mermet/nginx.nix
index a733ccae75bb96811311cd5e4697766b0ba34c28..529d75623dc22704bf0a8802c5a1c696e0c54f41 100644 (file)
--- a/hosts/mermet/nginx.nix
+++ b/hosts/mermet/nginx.nix
@@ -6,17 +6,15 @@ in
 {
 imports = [
   ../../nixos/profiles/services/nginx.nix
+  nginx/autogeree.net.nix
   nginx/sourcephile.fr.nix
 ];
 users.groups."acme".members = [nginx.user];
+users.groups."keys".members = [nginx.user];
 networking.nftables.ruleset = ''
   add rule inet filter net2fw tcp dport 80 counter accept comment "HTTP"
   add rule inet filter net2fw tcp dport 443 counter accept comment "HTTPS"
 '';
-fileSystems."/var/www" = {
-  device = "rpool/var/www";
-  fsType = "zfs";
-};
 services.nginx = {
   enable = true;
   package = pkgs.nginx.override {
@@ -33,4 +31,12 @@ services.nginx = {
     useACMEHost = networking.domain;
   };
 };
+fileSystems."/var/lib/nginx" = {
+  device = "rpool/var/www";
+  fsType = "zfs";
+};
+services.sanoid.datasets."rpool/var/www" = {
+  use_template = [ "local" ];
+  daily = 7;
+};
 }