sourcephile / git / sourcephile-nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
nix: update inputs
[sourcephile-nix.git] / hosts / losurdo / nginx / sourcephile.fr / losurdo.nix
diff --git a/hosts/losurdo/nginx/sourcephile.fr/losurdo.nix b/hosts/losurdo/nginx/sourcephile.fr/losurdo.nix
index 94f6c9ca780b0b321f3aceb77fdd712028e089b6..9bab9a16c33256dfbb941cc124b6ac004d3f2876 100644 (file)
--- a/hosts/losurdo/nginx/sourcephile.fr/losurdo.nix
+++ b/hosts/losurdo/nginx/sourcephile.fr/losurdo.nix
@@ -1,16 +1,15 @@
 { domain, ... }:
-{ pkgs, lib, config, ... }:
+{ pkgs, lib, config, hostName, ... }:
 let
   inherit (config) networking;
   inherit (config.security) gnupg;
   inherit (config.services) nginx;
-  srv = "losurdo";
   root = "/var/lib/nginx";
   onion = "dfc66yn2fundui5yvq2ndx4nmcmbxpho4ji32tlc4cncrjvs2b5yu4id";
 in
 {
 services.tor = {
-  relay.onionServices."nginx/${domain}/${srv}" = {
+  relay.onionServices."nginx/${domain}/${hostName}" = {
     secretKey = gnupg.secrets."tor/onion/${onion}/hs_ed25519_secret_key".path;
     map = [
       80
@@ -50,8 +49,8 @@ services.nginx = {
   virtualHosts."${onion}.onion" = {
     root = root + "/dl";
     extraConfig = ''
-      access_log /var/log/nginx/${domain}/${srv}/access.json json buffer=32k;
-      error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
+      access_log /var/log/nginx/${domain}/${hostName}/access.json json buffer=32k;
+      error_log  /var/log/nginx/${domain}/${hostName}/error.log warn;
     '';
     locations."/".extraConfig = ''
       autoindex on;
@@ -62,27 +61,7 @@ services.nginx = {
       #open_file_cache_valid 1s;
     '';
   };
-  virtualHosts."${srv}.wg" = {
-    listenAddresses = [ "${srv}.wg" ];
-    root = root;
-    extraConfig = ''
-      access_log /var/log/nginx/wg-intra/${srv}/access.json json buffer=32k;
-      error_log  /var/log/nginx/wg-intra/${srv}/error.log warn;
-    '';
-    locations."/".extraConfig = ''
-      #autoindex on;
-      return 444;
-    '';
-    locations."/dl".extraConfig = ''
-      autoindex on;
-      fancyindex on;
-      fancyindex_exact_size off;
-      fancyindex_name_length 255;
-      open_file_cache off;
-      #open_file_cache_valid 1s;
-    '';
-  };
-  virtualHosts."${srv}.${domain}" = {
+  virtualHosts."${hostName}.${domain}" = {
     serverAliases = [ domain ];
     #onlySSL = true;
     #addSSL = true;
@@ -90,8 +69,8 @@ services.nginx = {
     useACMEHost = domain;
     root = root;
     extraConfig = ''
-      access_log /var/log/nginx/${domain}/${srv}/access.json json buffer=32k;
-      error_log  /var/log/nginx/${domain}/${srv}/error.log warn;
+      access_log /var/log/nginx/${domain}/${hostName}/access.json json buffer=32k;
+      error_log  /var/log/nginx/${domain}/${hostName}/error.log warn;
     '';
     locations."/".extraConfig = ''
       #autoindex on;
@@ -132,8 +111,8 @@ services.nginx = {
 systemd.services.nginx = {
   serviceConfig = {
     LogsDirectory = lib.mkForce [
-      "nginx/${domain}/${srv}"
-      "nginx/wg-intra/${srv}"
+      "nginx/${domain}/${hostName}"
+      "nginx/wg-intra/${hostName}"
     ];
     BindReadOnlyPaths = [
       "/home/julm/work/sourcephile/web:${root}/julm"
NixOS configurations for Sourcephile's infrastructure