52 lines
1.2 KiB
Nix
52 lines
1.2 KiB
Nix
{ pkgs
|
|
, ...}: {
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
# enable all recommended settings
|
|
recommendedTlsSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedProxySettings = true;
|
|
|
|
virtualHosts = let
|
|
mkRedirect = host: {
|
|
locations."/".return = "307 https://${host}$request_uri";
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
in {
|
|
"_" = {
|
|
rejectSSL = true;
|
|
extraConfig = "return 444;";
|
|
};
|
|
|
|
"514fpv.one" = {
|
|
root = pkgs.callPackage ./site { };
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
"www.514fpv.one" = {
|
|
globalRedirect = "514fpv.one";
|
|
enableACME = true;
|
|
};
|
|
|
|
"uptime.514fpv.one" = {
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:4000";
|
|
proxyWebsockets = true;
|
|
};
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
};
|
|
|
|
# redirections to home server
|
|
"src.514fpv.one" = mkRedirect "src.514fpv.io:2096";
|
|
"cloud.514fpv.one" = mkRedirect "cloud.514fpv.io:2096";
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
}
|