diff options
| author | Rory& <root@rory.gay> | 2024-02-19 11:18:45 +0100 |
|---|---|---|
| committer | Rory& <root@rory.gay> | 2024-06-05 17:25:16 +0200 |
| commit | 7720ba2a8c17e31ea303e5b5c72bf8239d65c6c0 (patch) | |
| tree | 3b7c1094a10b7dd8b3562debd8c9c72cf0d8cfd8 /host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix | |
| parent | Switch dev/nix instance to master (diff) | |
| download | Spacebar-Open-Infrastructure-7720ba2a8c17e31ea303e5b5c72bf8239d65c6c0.tar.xz | |
Fix container folder name
Diffstat (limited to 'host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix')
| -rwxr-xr-x | host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix b/host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix new file mode 100755 index 0000000..ea312a3 --- /dev/null +++ b/host/Spacebar-nginx/containers/spacebar-server/services/nginx.nix @@ -0,0 +1,114 @@ +{ config, pkgs, lib, spacebar-server, rootDomain, ... }: + +{ + services = { + nginx = { + enable = true; + package = pkgs.nginxMainline; + recommendedProxySettings = true; + recommendedZstdSettings = true; + recommendedGzipSettings = true; + recommendedBrotliSettings = true; + recommendedOptimisation = true; + appendConfig = '' + worker_processes 16; + ''; + eventsConfig = '' + #use kqueue; + worker_connections 512; + ''; + appendHttpConfig = '' + #sendfile on; + disable_symlinks off; + ''; + additionalModules = with pkgs.nginxModules; [ + moreheaders + ]; + virtualHosts = { + "${rootDomain}" = { + locations."= /.well-known/spacebarchat/client".extraConfig = '' + more_set_headers 'Content-Type application/json'; + more_set_headers 'Access-Control-Allow-Origin *'; + return 200 '${builtins.toJSON { + cdn = "cdn.${rootDomain}"; + gateway = "gateway.${rootDomain}"; + api = "api.${rootDomain}"; + }}'; + ''; + }; + "api.${rootDomain}" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3001"; + extraConfig = '' + if ($request_method = 'OPTIONS') { + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: *'; + # + # Custom headers and headers various browsers *should* be OK with but aren't + # + more_set_headers 'Access-Control-Allow-Headers: *'; + # + # Tell client that this pre-flight info is valid for 20 days + # + more_set_headers 'Access-Control-Max-Age: 1728000'; + more_set_headers 'Content-Type: text/plain; charset=utf-8'; + more_set_headers 'Content-Length: 0'; + return 204; + } + ''; + }; + }; + "cdn.${rootDomain}" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3003"; + extraConfig = '' + if ($request_method = 'OPTIONS') { + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: *'; + # + # Custom headers and headers various browsers *should* be OK with but aren't + # + more_set_headers 'Access-Control-Allow-Headers: *'; + # + # Tell client that this pre-flight info is valid for 20 days + # + more_set_headers 'Access-Control-Max-Age: 1728000'; + more_set_headers 'Content-Type: text/plain; charset=utf-8'; + more_set_headers 'Content-Length: 0'; + return 204; + } + ''; + }; + }; + "gateway.${rootDomain}" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3002"; + extraConfig = '' + if ($request_method = 'OPTIONS') { + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: *'; + # + # Custom headers and headers various browsers *should* be OK with but aren't + # + more_set_headers 'Access-Control-Allow-Headers: *'; + # + # Tell client that this pre-flight info is valid for 20 days + # + more_set_headers 'Access-Control-Max-Age: 1728000'; + more_set_headers 'Content-Type: text/plain; charset=utf-8'; + more_set_headers 'Content-Length: 0'; + return 204; + } + ''; + }; + }; + }; + }; + }; + + systemd.services.nginx.serviceConfig = { + LimitNOFILE=5000000; + }; + + system.stateVersion = "22.11"; # DO NOT EDIT! +} |