diff options
Diffstat (limited to 'Omni/Cloud/Web.nix')
| -rw-r--r-- | Omni/Cloud/Web.nix | 50 |
1 files changed, 19 insertions, 31 deletions
diff --git a/Omni/Cloud/Web.nix b/Omni/Cloud/Web.nix index 0e080f5..1791539 100644 --- a/Omni/Cloud/Web.nix +++ b/Omni/Cloud/Web.nix @@ -1,10 +1,8 @@ -{ config, ... }: - -let +{config, ...}: let rootDomain = config.networking.domain; ports = import ./Ports.nix; in { - imports = [ ./Gmnisrv.nix ]; + imports = [./Gmnisrv.nix]; networking.firewall = { allowedTCPPorts = [ ports.ssh @@ -20,7 +18,6 @@ in { }; services = { - libreddit = { enable = true; address = "127.0.0.1"; @@ -84,8 +81,8 @@ in { enable = false; listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}"; settings = { - ":tls" = { store = "/var/lib/gmnisrv"; }; - "bsima.me" = { "root" = "/var/web/ben"; }; + ":tls" = {store = "/var/lib/gmnisrv";}; + "bsima.me" = {"root" = "/var/web/ben";}; "${rootDomain}" = { "root" = "/var/web/simatime.com"; "cgi" = "on"; @@ -114,11 +111,10 @@ in { "/git".return = "301 https://$host/git/"; # nostr nip-5 verification "/.well-known/nostr.json".return = "200 '${ - builtins.toJSON { - names.bensima = - "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; - } - }'"; + builtins.toJSON { + names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; + } + }'"; # disabled for nixpert test "/" = { root = "/var/web/simatime.com"; @@ -145,28 +141,25 @@ in { autoindex on; ''; }; - serverAliases = [ "www.bsima.me" ]; + serverAliases = ["www.bsima.me"]; forceSSL = true; useACMEHost = rootDomain; }; "hoogle.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.hoogle}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.hoogle}"; forceSSL = true; useACMEHost = rootDomain; }; "tv.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.jellyfin}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.jellyfin}"; forceSSL = true; useACMEHost = rootDomain; }; "cal.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.radicale}"; + locations."/".proxyPass = "http://localhost:${toString ports.radicale}"; forceSSL = true; useACMEHost = rootDomain; extraConfig = '' @@ -178,8 +171,7 @@ in { }; "reddit.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.libreddit}"; + locations."/".proxyPass = "http://localhost:${toString ports.libreddit}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -195,8 +187,7 @@ in { }; "youtube.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.invidious}"; + locations."/".proxyPass = "http://localhost:${toString ports.invidious}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -212,8 +203,7 @@ in { }; "dandel-rovbur.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -228,8 +218,7 @@ in { forceSSL = true; useACMEHost = rootDomain; locations."/" = { - proxyPass = - "http://${ports.bensIp}:${toString ports.stableDiffusion}"; + proxyPass = "http://${ports.bensIp}:${toString ports.stableDiffusion}"; proxyWebsockets = true; }; }; @@ -237,8 +226,7 @@ in { "music.${rootDomain}" = { forceSSL = true; useACMEHost = rootDomain; - locations."/".proxyPass = - "http://localhost:${toString ports.botamusique}"; + locations."/".proxyPass = "http://localhost:${toString ports.botamusique}"; }; "nostr.${rootDomain}" = { @@ -273,14 +261,14 @@ in { }; }; }; - }; }; }; # This must contain all of the other domains we host security.acme.certs.${rootDomain}.extraDomainNames = - [ "bsima.me" "www.bsima.me" ] ++ map (sub: "${sub}.${rootDomain}") [ + ["bsima.me" "www.bsima.me"] + ++ map (sub: "${sub}.${rootDomain}") [ "music" "tv" "matrix" |