Cloonar/nixos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos/hosts/web-arm/sites/fueltide.io.nix

75 lines
2.1 KiB
Nix
Raw Blame History

{ pkgs, lib, config, ... }:
{
# SOPS secret for fueltide.io DNS credentials (separate Hetzner API token)
sops.secrets.fueltide-lego-credentials = { };
# Override ACME credentials for fueltide.io domains
# These use a separate Hetzner DNS API token from the global default
security.acme.certs."app.fueltide.io" = {
credentialsFile = config.sops.secrets.fueltide-lego-credentials.path;
};
security.acme.certs."app.stage.fueltide.io" = {
credentialsFile = config.sops.secrets.fueltide-lego-credentials.path;
};
services.webstack.instances."fueltide.cloonar.dev" = {
enablePhp = false;
enableDefaultLocations = false;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILf3KpvY3sG/l5w4phV3qxOnahFpb7op/8y6i3oLWXv"
];
locations."/".extraConfig = ''
index index.html;
try_files $uri $uri/ /index.html;
'';
locations."~* \.(js|jpg|gif|png|webp|avif|css|woff2)$".extraConfig = ''
expires 365d;
add_header Pragma "public";
add_header Cache-Control "public";
'';
};
services.webstack.instances."app.fueltide.io" = {
enablePhp = false;
enableDefaultLocations = false;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILf3KpvY3sG/l5w4phV3qxOnahFpb7op/8y6i3oLWXv"
];
locations."/".extraConfig = ''
index index.html;
try_files $uri $uri/ /index.html;
'';
locations."~* \.(js|jpg|gif|png|webp|avif|css|woff2)$".extraConfig = ''
expires 365d;
add_header Pragma "public";
add_header Cache-Control "public";
'';
};
services.webstack.instances."app.stage.fueltide.io" = {
enablePhp = false;
enableDefaultLocations = false;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIILf3KpvY3sG/l5w4phV3qxOnahFpb7op/8y6i3oLWXv"
];
locations."/".extraConfig = ''
index index.html;
try_files $uri $uri/ /index.html;
'';
locations."~* \.(js|jpg|gif|png|webp|avif|css|woff2)$".extraConfig = ''
expires 365d;
add_header Pragma "public";
add_header Cache-Control "public";
'';
};
}
Reference in a new issue View git blame Copy permalink