nixos-system-config/packages/nginx/dirae.nix

{ ... }:
let
    fqdn = "dirae.org";
    serverConfig."m.server" = "dirae.org:443";
    mkWellKnown = data: ''
        add_header Content-Type application/json;
        add_header Access-Control-Allow-Origin *;
        return 200 '${builtins.toJSON data}';
    '';
in {
    security.acme.acceptTerms = true;
    security.acme.defaults.email = "caem@dirae.org";
    networking.firewall.allowedTCPPorts = [ 80 443 ];

    services.nginx = {
        enable = true;
        recommendedGzipSettings = true;
        recommendedOptimisation = true;
        recommendedProxySettings = true;
        recommendedTlsSettings = true;

        virtualHosts = {
            "caem.dev" = {
                enableACME = true;
                forceSSL = true;
                locations."/" = {
                    root = "/var/www/caem";
                };
            };

            "dirae.org" = {
                enableACME = true;
                forceSSL = true;
                locations."/" = {
                    root = "/var/www/dirae";
                };
                locations."/.well-known/matrix/server".extraConfig = ''
                    return 200 '{"m.server": "dirae.org:443"}';
                    default_type application/json;
                    add_header Access-Control-Allow-Origin *;
                '';
                locations."/_matrix".proxyPass = "http://127.0.0.1:8008";

            };

            "git.dirae.org" = {
                enableACME = true;
                forceSSL = true;
                locations."/".proxyPass = "http://127.0.0.1:3001";
            };

           # "gitlab.dirae.org" = {
           #     enableACME = true;
           #     forceSSL = true;
           #     locations."/" = {
           #         proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
           #     };
           #  };
        };
    };
}
Add configuration for dirae.org 2023-07-01 15:08:00 +02:00			`{ ... }:`
			`let`
			`fqdn = "dirae.org";`
			`serverConfig."m.server" = "dirae.org:443";`
			`mkWellKnown = data: ''`
			`add_header Content-Type application/json;`
			`add_header Access-Control-Allow-Origin *;`
			`return 200 '${builtins.toJSON data}';`
			`'';`
			`in {`
			`security.acme.acceptTerms = true;`
			`security.acme.defaults.email = "caem@dirae.org";`
			`networking.firewall.allowedTCPPorts = [ 80 443 ];`

			`services.nginx = {`
			`enable = true;`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`

			`virtualHosts = {`
Migrate to gitea 2023-07-19 22:25:34 +02:00			`"caem.dev" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`root = "/var/www/caem";`
			`};`
			`};`

Add configuration for dirae.org 2023-07-01 15:08:00 +02:00			`"dirae.org" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`root = "/var/www/dirae";`
			`};`
			`locations."/.well-known/matrix/server".extraConfig = ''`
			`return 200 '{"m.server": "dirae.org:443"}';`
			`default_type application/json;`
			`add_header Access-Control-Allow-Origin *;`
			`'';`
			`locations."/_matrix".proxyPass = "http://127.0.0.1:8008";`

			`};`

Migrate to gitea 2023-07-19 22:25:34 +02:00			`"git.dirae.org" = {`
Add configuration for dirae.org 2023-07-01 15:08:00 +02:00			`enableACME = true;`
			`forceSSL = true;`
Migrate to gitea 2023-07-19 22:25:34 +02:00			`locations."/".proxyPass = "http://127.0.0.1:3001";`
			`};`
Add configuration for dirae.org 2023-07-01 15:08:00 +02:00
Migrate to gitea 2023-07-19 22:25:34 +02:00			`# "gitlab.dirae.org" = {`
			`# enableACME = true;`
			`# forceSSL = true;`
			`# locations."/" = {`
			`# proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";`
			`# };`
			`# };`
Add configuration for dirae.org 2023-07-01 15:08:00 +02:00			`};`
			`};`
			`}`