From 41d3da9bb3c6363d67584c2ad11bf9235365dcfe Mon Sep 17 00:00:00 2001 From: TheGeneralist <180094941+thegeneralist01@users.noreply.github.com> Date: Sun, 25 Jan 2026 15:57:04 +0100 Subject: [PATCH 1/4] site: fix redirect issues --- hosts/thegeneralist-central/site.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/hosts/thegeneralist-central/site.nix b/hosts/thegeneralist-central/site.nix index 82a1c08..ff2f95c 100644 --- a/hosts/thegeneralist-central/site.nix +++ b/hosts/thegeneralist-central/site.nix @@ -56,12 +56,10 @@ in virtualHosts."${family_domain}" = { root = "/var/www/${family_domain}/dist"; - locations."/".tryFiles = "$uri $uri.html $uri/ $uri/index.html =404"; + locations."/".tryFiles = "$uri $uri/index.html $uri.html =404"; extraConfig = '' - if ($http_x_forwarded_proto = "http") { - return 301 https://${family_domain}$request_uri; - } + absolute_redirect off; location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico|woff2?)$ { expires 1d; From 7a9c496f0283f7e0340e06557545040c8221f474 Mon Sep 17 00:00:00 2001 From: TheGeneralist <180094941+thegeneralist01@users.noreply.github.com> Date: Sun, 25 Jan 2026 16:12:47 +0100 Subject: [PATCH 2/4] site: cache fonts --- hosts/thegeneralist-central/site.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/hosts/thegeneralist-central/site.nix b/hosts/thegeneralist-central/site.nix index ff2f95c..538f1ad 100644 --- a/hosts/thegeneralist-central/site.nix +++ b/hosts/thegeneralist-central/site.nix @@ -61,11 +61,16 @@ in extraConfig = '' absolute_redirect off; - location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico|woff2?)$ { + location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico)$ { expires 1d; add_header Cache-Control "public"; } + location ~* \.(ttf|woff2?)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + error_page 404 /404.html; ''; }; From 897a0ac8808ac03b6c2621222b600ba02e5e8e83 Mon Sep 17 00:00:00 2001 From: TheGeneralist <180094941+thegeneralist01@users.noreply.github.com> Date: Sun, 25 Jan 2026 16:29:19 +0100 Subject: [PATCH 3/4] forgejo: add gitea-runner to users group --- hosts/thegeneralist-central/forgejo/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/thegeneralist-central/forgejo/default.nix b/hosts/thegeneralist-central/forgejo/default.nix index 3ba7af7..1f54c11 100644 --- a/hosts/thegeneralist-central/forgejo/default.nix +++ b/hosts/thegeneralist-central/forgejo/default.nix @@ -148,6 +148,7 @@ in users.users.gitea-runner = { isSystemUser = true; group = "gitea-runner"; + extraGroups = [ "users" ]; home = "/var/lib/gitea-runner/central"; createHome = true; }; From 65ad4a6d6bd14bfbafe2091d6b3471cc788577b4 Mon Sep 17 00:00:00 2001 From: TheGeneralist <180094941+thegeneralist01@users.noreply.github.com> Date: Sun, 25 Jan 2026 16:36:52 +0100 Subject: [PATCH 4/4] users: set homeMode for thegeneralist --- hosts/thegeneralist-central/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/thegeneralist-central/configuration.nix b/hosts/thegeneralist-central/configuration.nix index 1e5ec17..88eff86 100644 --- a/hosts/thegeneralist-central/configuration.nix +++ b/hosts/thegeneralist-central/configuration.nix @@ -15,6 +15,7 @@ extraGroups = [ "wheel" "audio" "video" "input" "scanner" "docker" ]; shell = pkgs.zsh; home = "/home/thegeneralist"; + homeMode = "0750"; hashedPasswordFile = config.age.secrets.password.path; openssh.authorizedKeys.keys = let inherit (import ../../keys.nix) thegeneralist; @@ -67,4 +68,3 @@ system.stateVersion = "24.11"; } -