diff options
Diffstat (limited to 'host/Rory-nginx/services/nginx.nix')
| -rwxr-xr-x | host/Rory-nginx/services/nginx.nix | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/host/Rory-nginx/services/nginx.nix b/host/Rory-nginx/services/nginx.nix new file mode 100755 index 0000000..56b09f4 --- /dev/null +++ b/host/Rory-nginx/services/nginx.nix @@ -0,0 +1,95 @@ +{ config, pkgs, lib, ... }: + +{ + imports = + [ + ../../modules/base-server.nix + #../../modules/packages/gitfs.nix + ]; + + services = { + nginx = { + enable = true; + package = pkgs.nginxQuic; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedZstdSettings = true; + recommendedGzipSettings = true; + recommendedBrotliSettings = true; + recommendedOptimisation = true; + defaultMimeTypes = ../../modules/packages/nginx/mime.types; + appendConfig = '' + worker_processes 16; + ''; + eventsConfig = '' + #use kqueue; + worker_connections 512; + ''; + appendHttpConfig = '' + #sendfile on; + disable_symlinks off; + ''; + upstreams = import ./matrix/upstreams.nix; + additionalModules = with pkgs.nginxModules; [ + moreheaders + ]; + virtualHosts = { + "siliconheaven.thearcanebrony.net" = import ./hosts/thearcanebrony.net/siliconheaven.nix; + "lfs.thearcanebrony.net" = import ./hosts/thearcanebrony.net/lfs.nix; + "http.thearcanebrony.net" = import ./hosts/thearcanebrony.net/http.nix; + "thearcanebrony.net" = import ./hosts/thearcanebrony.net/root.nix; + "sentry.thearcanebrony.net" = import ./hosts/thearcanebrony.net/sentry.nix; + "awooradio.thearcanebrony.net" = import ./hosts/thearcanebrony.net/awooradio.nix; + "search.thearcanebrony.net" = import ./hosts/thearcanebrony.net/search.nix; + "git.thearcanebrony.net" = import ./hosts/thearcanebrony.net/git.nix; + "files.thearcanebrony.net" = import ./hosts/thearcanebrony.net/files.nix; + "spigotav.thearcanebrony.net" = import ./hosts/thearcanebrony.net/spigotav.nix; + "terra.thearcanebrony.net" = import ./hosts/thearcanebrony.net/terra.nix; + "vives.thearcanebrony.net" = import ./hosts/thearcanebrony.net/vives.nix; + "rory.gay" = import ./hosts/rory.gay/root.nix; + "rory.boo" = import ./hosts/rory.gay/root.nix; + "lfs.rory.gay" = import ./hosts/rory.gay/lfs.nix; + "git.rory.gay" = import ./hosts/rory.gay/git.nix; + "matrix.rory.gay" = import ./hosts/rory.gay/matrix.nix; + "mru.rory.gay" = import ./hosts/rory.gay/mru.nix; + "tunnel.rory.boo" = import ./hosts/rory.boo/tunnel.nix; + "boorunav.com" = import ./hosts/boorunav.com/root.nix; + "catgirlsaresexy.com" = import ./hosts/catgirlsaresexy.com/root.nix; + "sugarcanemc.org" = import ./hosts/sugarcanemc.org/root.nix; + + #bots... + "0bottests.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "catnipbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "impulsyeeter.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "omnibot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "yatopiawatchdog.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "playground.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "kinobot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "siliconbotpublic.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "thearcanebot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "anonbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "hericanbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "siliconbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "impulsbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "studiobot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "carsnbots.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "binsh.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "fosscordbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "sugarcanebot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + "gradbot.bots.rory.gay" = import ./hosts/rory.gay/bots.nix; + }; + }; + }; + systemd.services.nginx.serviceConfig = { + LimitNOFILE=5000000; + }; + systemd.services.nginx.requires = [ "data.mount" ]; + security.acme.acceptTerms = true; + security.acme.defaults.email = "root@thearcanebrony.net"; + + environment.systemPackages = with pkgs; [ + #gitfs + ]; + + system.stateVersion = "22.11"; # DO NOT EDIT! +} |