diff options
-rw-r--r-- | config/web-server.nix | 54 | ||||
-rw-r--r-- | machines/container-shape.nix | 1 |
2 files changed, 55 insertions, 0 deletions
diff --git a/config/web-server.nix b/config/web-server.nix new file mode 100644 index 0000000..e40cbce --- /dev/null +++ b/config/web-server.nix @@ -0,0 +1,54 @@ +{ config, lib, pkgs, ... }: +{ + services.nginx = { + enable = true; + recommendedProxySettings = true; + appendHttpConfig = '' + # This is a workaround to deal with closed connections on + # large downloads. + proxy_buffering off; + ''; + virtualHosts = { + "orbekk.com" = { + enableACME = true; + forceSSL = true; + root = "/srv/www/orbekk"; + }; + "semeai.orbekk.com" = { + enableACME = true; + forceSSL = true; + root = "/srv/www/orbekk"; + }; + "kj.orbekk.com" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://10.0.20.11:8011"; + locations."/hledger" = { + extraConfig = ''return 302 /hledger/;''; + }; + # locations."/hledger/" = { + # proxyPass = "http://localhost:5000/"; + # extraConfig = '' + # auth_basic "hledger"; + # auth_basic_user_file /opt/site/hledger-htpasswd; + # ''; + # }; + locations."/_matrix" = { + proxyPass = "http://10.0.20.15:11102"; + }; + }; + "git.orbekk.com" = { + enableACME = true; + forceSSL = true; + locations."/".proxyPass = "http://10.0.20.15:11103"; + }; + "hydra.orbekk.com" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://10.0.20.15:11101"; + }; + }; + }; + }; +} diff --git a/machines/container-shape.nix b/machines/container-shape.nix index 0617ad4..57a5c01 100644 --- a/machines/container-shape.nix +++ b/machines/container-shape.nix @@ -9,6 +9,7 @@ ../config/matrix.nix ../config/cgit.nix ../config/weechat.nix + ../config/web-server.nix ]; networking = { |