66 lines
1.9 KiB
Nix
66 lines
1.9 KiB
Nix
{ pkgs, lib, config, ... }:
|
|
let
|
|
domain = "mehr-leistbaren-wohnraum-schaffen.at";
|
|
dataDir = "/var/www/${domain}";
|
|
in {
|
|
services.nginx.virtualHosts."www.${domain}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
globalRedirect = domain;
|
|
};
|
|
services.nginx.virtualHosts."${domain}" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
acmeRoot = null;
|
|
root = "${dataDir}";
|
|
|
|
locations."/favicon.ico".extraConfig = ''
|
|
log_not_found off;
|
|
access_log off;
|
|
'';
|
|
|
|
locations."/".extraConfig = ''
|
|
index index.html;
|
|
'';
|
|
|
|
locations."~* \.(jpe?g|png)$".extraConfig = ''
|
|
set $red Z;
|
|
|
|
if ($http_accept ~* "webp") {
|
|
set $red A;
|
|
}
|
|
|
|
if (-f $document_root/webp/$request_uri.webp) {
|
|
set $red "''${red}B";
|
|
}
|
|
|
|
if ($red = "AB") {
|
|
add_header Vary Accept;
|
|
rewrite ^ /webp/$request_uri.webp;
|
|
}
|
|
'';
|
|
|
|
locations."~* \.(js|jpg|gif|png|webp|css|woff2)$".extraConfig = ''
|
|
expires 365d;
|
|
add_header Pragma "public";
|
|
add_header Cache-Control "public";
|
|
'';
|
|
|
|
locations."~ [^/]\.php(/|$)".extraConfig = ''
|
|
deny all;
|
|
'';
|
|
};
|
|
users.users."mehr-leistbaren-wohnraum" = {
|
|
isNormalUser = true;
|
|
createHome = true;
|
|
home = dataDir;
|
|
homeMode= "770";
|
|
#home = "/home/${domain}";
|
|
group = "nginx";
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDWrkjt5+tIGAi0Q9ViFlFARGxMxoDaxI7lu1AtIlluhOXvJrX33roxV+PF+ky6ZQFcwd5xRy1HkXkfsBJVlRstrZXiqbP9DaSO3arSTQmiezSWgeLD9r3aktsPINgENkMBSUgURVRDaO0B/PA5MylOoijFaxmHEFMa8ZNYwKj/tWKt6+NI9UxUW3fSZXipOohvdzPxoD5YjjlyivtQCbfcpFa46Q08TIiUNEBnSTIKbDuVGgNtKXd5ELRtl7HRcT9iwPfmmVPHVMXREnVma47pABe+54Qrh6N8MzSJLOLJy/kRM2iw/ovxGEWE8rPqaoPszaEPxDEpEmRMyqNb5ZAuWG3NvUOiU5rijSvP8H9QVubJyNC4DHYYeBa1Kw2iAqnzdsneyHz01vVRQh7qa4Aonuzk2VfrW08dJbMC7p6tpvQgkdGLrwetgwZRqdGpbWhRV4s816tuoBFTmM3gDWr5R6CAPmzmykhTi8IbJ5LTua5t7+82wIMA026BNvRbndk="
|
|
];
|
|
};
|
|
users.groups.${domain} = {};
|
|
}
|