nixos/modules/www/global.nix
Jake Hillion 01675c85cb
mastodon: initial setup
2023-04-29 23:34:44 +01:00


# Internet-facing Caddy front end.
#
# Declares the `custom.www.global.enable` switch. When it is set, Caddy is
# enabled and one virtual host is declared per public name below: static
# sites, reverse proxies to internal services, and the Mastodon site.
#
# Review notes that apply to the whole file:
#   * No authentication directive appears on any site here, so access control
#     for every proxied service is whatever the upstream application enforces.
#   * Strict-Transport-Security is only set on social.hillion.co.uk; the other
#     virtual hosts get no HSTS header from this file.
{ pkgs, lib, config, ... }:
let
  globalCfg = config.custom.www.global;
  # Host name of the Matrix homeserver, taken from the shared locations table.
  matrixUpstream = config.custom.locations.locations.services.matrix;
in
{
  options.custom.www.global.enable = lib.mkEnableOption "global";

  config = lib.mkIf globalCfg.enable {
    # Presumably needed so Caddy can open the Mastodon unix sockets and read
    # /var/lib/mastodon/public-system (both used below) - confirm.
    # Side effect: the web server process can also read anything else that is
    # group-readable by `mastodon`; keep secrets owner-only.
    users.users.caddy.extraGroups = [ "mastodon" ];

    services.caddy.enable = true;
    services.caddy.virtualHosts = {
      # Apex domain: answers the Matrix server-delegation lookup, returns 404
      # for every other /.well-known/ path, and redirects the rest to the blog.
      "hillion.co.uk".extraConfig = ''
        handle /.well-known/* {
        respond /.well-known/matrix/server "{\"m.server\": \"matrix.hillion.co.uk:443\"}" 200
        respond 404
        }
        handle {
        redir https://blog.hillion.co.uk{uri}
        }
      '';

      # Static blog served straight from disk.
      "blog.hillion.co.uk".extraConfig = ''
        root * /var/www/blog.hillion.co.uk
        file_server
      '';

      # The proxies below speak plain HTTP to their upstreams, so the hop
      # behind Caddy carries credentials and session cookies without TLS.
      # NOTE(review): the `.ts.` names look like a private overlay network
      # that would encrypt this hop - confirm they can only resolve and route
      # there, and that the upstream ports are not reachable by other paths.
      "gitea.hillion.co.uk".extraConfig = ''
        reverse_proxy http://gitea.gitea.ts.hillion.co.uk:3000
      '';
      "homeassistant.hillion.co.uk".extraConfig = ''
        reverse_proxy http://homeassistant.homeassistant.ts.hillion.co.uk:8123
      '';
      "emby.hillion.co.uk".extraConfig = ''
        reverse_proxy http://plex.mediaserver.ts.hillion.co.uk:8096
      '';
      "matrix.hillion.co.uk".extraConfig = ''
        reverse_proxy http://${matrixUpstream}:8008
      '';

      # SECURITY: `tls_insecure_skip_verify` turns off certificate validation
      # for the upstream connection, so Caddy will accept any certificate
      # presented on that address and cannot tell the real controller from an
      # impostor on the path. Prefer trusting the controller's own CA or
      # certificate in the transport block (e.g. `tls_trusted_ca_certs` on
      # Caddy versions that support it) and drop the skip-verify flag.
      # This also publishes a network-management UI on a public name; confirm
      # that exposure is intended.
      "unifi.hillion.co.uk".extraConfig = ''
        reverse_proxy https://unifi.unifi.ts.hillion.co.uk:8443 {
        transport http {
        tls_insecure_skip_verify
        }
        }
      '';

      "drone.hillion.co.uk".extraConfig = ''
        reverse_proxy http://vm.strangervm.ts.hillion.co.uk:18733
      '';

      # Mastodon:
      #   /system/*            files from /var/lib/mastodon/public-system
      #   /api/v1/streaming/*  streaming service over its unix socket
      #   everything else      packaged static files first (pass_thru), then
      #                        the web service over its unix socket
      # Errors are rewritten to the packaged 500.html.
      #
      # NOTE(review): /system/* is served by file_server on the application's
      # own origin, so headers set by the web service do not cover it.
      # Consider adding `X-Content-Type-Options "nosniff"` and a restrictive
      # Content-Security-Policy for that path, since it holds user uploads.
      # The HSTS value is one year with no includeSubDomains.
      "social.hillion.co.uk".extraConfig = ''
        handle_path /system/* {
        file_server * {
        root /var/lib/mastodon/public-system
        }
        }
        handle /api/v1/streaming/* {
        reverse_proxy unix//run/mastodon-streaming/streaming.socket
        }
        route * {
        file_server * {
        root ${pkgs.mastodon}/public
        pass_thru
        }
        reverse_proxy * unix//run/mastodon-web/web.socket
        }
        handle_errors {
        root * ${pkgs.mastodon}/public
        rewrite 500.html
        file_server
        }
        encode gzip
        header /* {
        Strict-Transport-Security "max-age=31536000;"
        }
        header /emoji/* Cache-Control "public, max-age=31536000, immutable"
        header /packs/* Cache-Control "public, max-age=31536000, immutable"
        header /system/accounts/avatars/* Cache-Control "public, max-age=31536000, immutable"
        header /system/media_attachments/files/* Cache-Control "public, max-age=31536000, immutable"
      '';
    };
  };
}