60 lines
1.2 KiB
Nix
60 lines
1.2 KiB
Nix
{
|
|
pkgs,
|
|
...
|
|
}:
|
|
{
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
# enable all recommended settings
|
|
recommendedTlsSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedProxySettings = true;
|
|
|
|
virtualHosts =
|
|
let
|
|
mkRedirect = host: {
|
|
locations."/".return = "307 https://${host}$request_uri";
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
in
|
|
{
|
|
"_" = {
|
|
rejectSSL = true;
|
|
extraConfig = "return 444;";
|
|
};
|
|
|
|
"514fpv.one" = {
|
|
root = pkgs.callPackage ./site { };
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
"www.514fpv.one" = {
|
|
globalRedirect = "514fpv.one";
|
|
enableACME = true;
|
|
};
|
|
|
|
"uptime.514fpv.one" = {
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:4000";
|
|
proxyWebsockets = true;
|
|
};
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
# redirections to home server
|
|
"src.514fpv.one" = mkRedirect "src.514fpv.io:2096";
|
|
"cloud.514fpv.one" = mkRedirect "cloud.514fpv.io:2096";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
}
|