mirror of
https://github.com/thegeneralist01/config.git
synced 2026-05-30 08:37:01 +02:00
Clean up retired site config
This commit is contained in:
parent
ec497ddace
commit
2f6b684b28
SSH key fingerprint:
SHA256:pp9qddbCNmVNoSjevdvQvM5z0DHN7LTa8qBMbcMq/R4
5 changed files with 5 additions and 91 deletions
|
|
@ -1,13 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
domain = "thegeneralist01.com";
|
||||
family_domain = builtins.getEnv "FAMILY_DOMAIN";
|
||||
|
||||
ssl = {
|
||||
quic = true;
|
||||
useACMEHost = domain;
|
||||
};
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./acme
|
||||
|
|
@ -32,56 +23,7 @@ in
|
|||
statusPage = true;
|
||||
validateConfigFile = true;
|
||||
|
||||
virtualHosts."${domain}" = ssl // {
|
||||
root = "/var/www/${domain}";
|
||||
locations."/".tryFiles = "$uri $uri.html $uri/ $uri/index.html =404";
|
||||
|
||||
extraConfig = ''
|
||||
if ($http_x_forwarded_proto = "http") {
|
||||
return 301 https://${domain}$request_uri;
|
||||
}
|
||||
|
||||
location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico|woff2?)$ {
|
||||
expires 1d;
|
||||
add_header Cache-Control "public";
|
||||
}
|
||||
|
||||
error_page 404 /404.html;
|
||||
'';
|
||||
};
|
||||
|
||||
virtualHosts."www.${domain}" = ssl // {
|
||||
locations."/".return = "306 https://${domain}$request_uri";
|
||||
};
|
||||
|
||||
virtualHosts."${family_domain}" = {
|
||||
root = "/var/www/${family_domain}/dist";
|
||||
locations."/".tryFiles = "$uri $uri/index.html $uri.html =404";
|
||||
|
||||
extraConfig = ''
|
||||
absolute_redirect off;
|
||||
|
||||
location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico)$ {
|
||||
expires 1d;
|
||||
add_header Cache-Control "public";
|
||||
}
|
||||
|
||||
location ~* \.(ttf|woff2?)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
}
|
||||
|
||||
error_page 404 /404.html;
|
||||
'';
|
||||
};
|
||||
|
||||
virtualHosts."www.${family_domain}" = {
|
||||
locations."/".return = "306 https://${family_domain}$request_uri";
|
||||
};
|
||||
|
||||
# virtualHosts._ = ssl // {
|
||||
# locations."/".return = "307 https://${domain}/404";
|
||||
# };
|
||||
# Domain-specific virtual hosts live in the service modules below.
|
||||
};
|
||||
|
||||
# Cloudflare
|
||||
|
|
@ -89,7 +31,6 @@ in
|
|||
|
||||
age.secrets.cftcert.file = ./cert.pem.age;
|
||||
age.secrets.cftcredentials.file = ./credentials.age;
|
||||
age.secrets.cftcredentials_personal.file = ./credentials_personal.age;
|
||||
|
||||
services.cloudflared = {
|
||||
enable = true;
|
||||
|
|
@ -98,8 +39,6 @@ in
|
|||
tunnels = {
|
||||
"site" = {
|
||||
ingress = {
|
||||
"thegeneralist01.com" = "http://localhost:80";
|
||||
"www.thegeneralist01.com" = "http://localhost:80";
|
||||
"cache.thegeneralist01.com" = "http://localhost:80";
|
||||
"git.thegeneralist01.com" = "http://localhost:3000";
|
||||
};
|
||||
|
|
@ -108,16 +47,6 @@ in
|
|||
credentialsFile = config.age.secrets.cftcredentials.path;
|
||||
certificateFile = config.age.secrets.cftcert.path;
|
||||
};
|
||||
"personal" = {
|
||||
ingress = {
|
||||
"${family_domain}" = "http://localhost:80";
|
||||
"www.${family_domain}" = "http://localhost:80";
|
||||
};
|
||||
default = "http_status:404";
|
||||
|
||||
credentialsFile = config.age.secrets.cftcredentials_personal.path;
|
||||
certificateFile = config.age.secrets.cftcert.path;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue