74k1.sh / tix
(T)im's N(ix) Flake, Multi-Host Configurations for all of my machines! 74k1.sh/
nixos nix
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(nginx): shenanigans

74k1 629c07de a7441229

+36 -22
+11 -11
hosts/nixos/duvet/configuration.nix
··· 158 158 ''; 159 159 }; 160 160 }; 161 - # "wall.74k1.sh" = { 162 - # addSSL = true; 163 - # enableACME = true; 164 - # root = "/var/www/wall.74k1.sh/"; 165 - # locations."/".index = "index.php"; 166 - # locations."~ \\.php$".extraConfig = '' 167 - # fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket}; 168 - # fastcgi_index index.php; 169 - # ''; 170 - # }; 161 + "wall.74k1.sh" = { 162 + addSSL = true; 163 + enableACME = true; 164 + root = "/var/www/wall.74k1.sh/"; 165 + locations."/".index = "index.php"; 166 + locations."~ \\.php$".extraConfig = '' 167 + fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket}; 168 + fastcgi_index index.php; 169 + ''; 170 + }; 171 171 "74k1.sh" = { 172 172 addSSL = true; 173 173 enableACME = true; ··· 177 177 addSSL = true; 178 178 enableACME = true; 179 179 root = "/var/www/taki.moe/"; 180 - # locations."/".index = "index.php"; 180 + locations."/".index = "index.php index.html index.txt"; 181 181 locations."~ \\.php$".extraConfig = '' 182 182 fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket}; 183 183 fastcgi_index index.php;
+25 -11
hosts/nixos/eiri/configuration.nix
··· 197 197 ''; 198 198 199 199 virtualHosts = { 200 - "eiri.74k1.sh" = { 200 + "eiri.${allSecrets.global.domain1}" = { 201 201 addSSL = true; 202 - enableACME = true; 202 + # enableACME = true; 203 + useACMEHost = "eiri.${allSecrets.global.domain1}"; 203 204 locations."/" = { 204 205 proxyPass = "http://127.0.0.1"; 205 206 }; 206 207 }; 207 - # "transmission.eiri.74k1.sh" = { 208 - # addSSL = true; 209 - # enableACME = true; 210 - # locations."/" = { 211 - # proxyPass = "http://127.0.0.1:9091"; 212 - # }; 213 - # }; 208 + "transmission.eiri.${allSecrets.global.domain1}" = { 209 + addSSL = true; 210 + # enableACME = true; 211 + useACMEHost = "eiri.${allSecrets.global.domain1}"; 212 + locations."/" = { 213 + proxyPass = "http://127.0.0.1:9091"; 214 + # proxyWebsockets = true; 215 + }; 216 + }; 217 + "graylog.eiri.${allSecrets.global.domain1}" = { 218 + addSSL = true; 219 + useACMEHost = "eiri.${allSecrets.global.domain1}"; 220 + locations."/" = { 221 + proxyPass = "http://255.255.255.255:9000"; 222 + proxyWebsockets = true; 223 + }; 224 + }; 214 225 }; 215 226 }; 216 227 }; ··· 239 250 240 251 security.acme = { 241 252 acceptTerms = true; 242 - defaults.email = "${allSecrets.global.mail.acme}"; 253 + defaults = { 254 + email = "${allSecrets.global.mail.acme}"; 255 + group = "nginx"; 256 + }; 243 257 certs = let 244 258 inherit (allSecrets.global) domain1; 245 259 in { 246 260 "eiri.${domain1}" = { 247 261 domain = "eiri.${domain1}"; 248 262 dnsProvider = "namecheap"; 249 - dnsPropagationCheck = true; 263 + dnsPropagationCheck = false; 250 264 environmentFile = config.age.secrets."namecheap_api_secrets".path; 251 265 # credentialFiles = { 252 266 # "NAMECHEAP_API_KEY_FILE" = ;