diff --git a/hosts/thegeneralist-central/configuration.nix b/hosts/thegeneralist-central/configuration.nix index 88eff86..1e5ec17 100644 --- a/hosts/thegeneralist-central/configuration.nix +++ b/hosts/thegeneralist-central/configuration.nix @@ -15,7 +15,6 @@ extraGroups = [ "wheel" "audio" "video" "input" "scanner" "docker" ]; shell = pkgs.zsh; home = "/home/thegeneralist"; - homeMode = "0750"; hashedPasswordFile = config.age.secrets.password.path; openssh.authorizedKeys.keys = let inherit (import ../../keys.nix) thegeneralist; @@ -68,3 +67,4 @@ system.stateVersion = "24.11"; } + diff --git a/hosts/thegeneralist-central/forgejo/default.nix b/hosts/thegeneralist-central/forgejo/default.nix index 1f54c11..3ba7af7 100644 --- a/hosts/thegeneralist-central/forgejo/default.nix +++ b/hosts/thegeneralist-central/forgejo/default.nix @@ -148,7 +148,6 @@ in users.users.gitea-runner = { isSystemUser = true; group = "gitea-runner"; - extraGroups = [ "users" ]; home = "/var/lib/gitea-runner/central"; createHome = true; }; diff --git a/hosts/thegeneralist-central/site.nix b/hosts/thegeneralist-central/site.nix index 538f1ad..82a1c08 100644 --- a/hosts/thegeneralist-central/site.nix +++ b/hosts/thegeneralist-central/site.nix @@ -56,19 +56,16 @@ in virtualHosts."${family_domain}" = { root = "/var/www/${family_domain}/dist"; - locations."/".tryFiles = "$uri $uri/index.html $uri.html =404"; + locations."/".tryFiles = "$uri $uri.html $uri/ $uri/index.html =404"; extraConfig = '' - absolute_redirect off; - - location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico)$ { - expires 1d; - add_header Cache-Control "public"; + if ($http_x_forwarded_proto = "http") { + return 301 https://${family_domain}$request_uri; } - location ~* \.(ttf|woff2?)$ { - expires 1y; - add_header Cache-Control "public, immutable"; + location ~* \.(html|css|js|jpg|jpeg|png|gif|svg|ico|woff2?)$ { + expires 1d; + add_header Cache-Control "public"; } error_page 404 /404.html;