From 60a753e9d54ceef30f58b0fa689d666ebc06452d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 22 Dec 2016 21:53:09 +0100 Subject: tv public_html: add server names --- tv/2configs/nginx/public_html.nix | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'tv/2configs/nginx') diff --git a/tv/2configs/nginx/public_html.nix b/tv/2configs/nginx/public_html.nix index e0bbb8d5..4c74d225 100644 --- a/tv/2configs/nginx/public_html.nix +++ b/tv/2configs/nginx/public_html.nix @@ -5,11 +5,19 @@ with import ; { krebs.nginx = { enable = true; - servers.default.locations = [ - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; + servers.default = { + server-names = [ + "localhost" + "${config.krebs.build.host.name}" + "${config.krebs.build.host.name}.r" + "${config.krebs.build.host.name}.retiolum" + ]; + locations = [ + (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' + alias /home/$1/public_html$2; + '') + ]; + }; }; tv.iptables.input-internet-accept-tcp = singleton "http"; } -- cgit v1.2.3 From eafa36c2b10ddf16163007aa58ed5e2444c251b6 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 23 Dec 2016 09:46:32 +0100 Subject: tv: replace krebs.nginx by services.nginx.virtualHosts --- tv/2configs/nginx/default.nix | 12 ++++++------ tv/2configs/nginx/public_html.nix | 14 ++++++-------- 2 files changed, 12 insertions(+), 14 deletions(-) (limited to 'tv/2configs/nginx') diff --git a/tv/2configs/nginx/default.nix b/tv/2configs/nginx/default.nix index 39995c05..277f459f 100644 --- a/tv/2configs/nginx/default.nix +++ b/tv/2configs/nginx/default.nix @@ -3,15 +3,15 @@ with import ; { - krebs.nginx = { - servers.default.locations = [ - (nameValuePair "= /etc/os-release" '' + services.nginx = { + virtualHosts.default = { + locations."= /etc/os-release".extraConfig = '' default_type text/plain; alias /etc/os-release; - '') - ]; + ''; + }; }; - tv.iptables = optionalAttrs config.krebs.nginx.enable { + tv.iptables = { input-retiolum-accept-tcp = singleton "http"; }; } diff --git a/tv/2configs/nginx/public_html.nix b/tv/2configs/nginx/public_html.nix index 4c74d225..9744da1e 100644 --- a/tv/2configs/nginx/public_html.nix +++ b/tv/2configs/nginx/public_html.nix @@ -3,20 +3,18 @@ with import ; { - krebs.nginx = { + services.nginx = { enable = true; - servers.default = { - server-names = [ + virtualHosts.default = { + serverAliases = [ "localhost" "${config.krebs.build.host.name}" "${config.krebs.build.host.name}.r" "${config.krebs.build.host.name}.retiolum" ]; - locations = [ - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; + locations."~ ^/~(.+?)(/.*)?\$".extraConfig = '' + alias /home/$1/public_html$2; + ''; }; }; tv.iptables.input-internet-accept-tcp = singleton "http"; -- cgit v1.2.3 From 7efec736b299d1c0235d2c12064b3afc1e5e13ff Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 23 Dec 2016 10:46:26 +0100 Subject: tv nginx: return 404 by default --- tv/2configs/nginx/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tv/2configs/nginx') diff --git a/tv/2configs/nginx/default.nix b/tv/2configs/nginx/default.nix index 277f459f..0e6c2df0 100644 --- a/tv/2configs/nginx/default.nix +++ b/tv/2configs/nginx/default.nix @@ -4,6 +4,13 @@ with import ; { services.nginx = { + virtualHosts._http = { + default = true; + extraConfig = '' + return 404; + ''; + }; + virtualHosts.default = { locations."= /etc/os-release".extraConfig = '' default_type text/plain; -- cgit v1.2.3 From bece7d9da29adde2c79e49c40d975dc46eed4c1e Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 23 Dec 2016 11:09:36 +0100 Subject: tv nginx: enable recommendations --- tv/2configs/nginx/default.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'tv/2configs/nginx') diff --git a/tv/2configs/nginx/default.nix b/tv/2configs/nginx/default.nix index 0e6c2df0..b0acb943 100644 --- a/tv/2configs/nginx/default.nix +++ b/tv/2configs/nginx/default.nix @@ -4,6 +4,10 @@ with import ; { services.nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedTlsSettings = true; + virtualHosts._http = { default = true; extraConfig = '' -- cgit v1.2.3