Switch to nginx mainline

author: TheArcaneBrony <myrainbowdash949@gmail.com> 2023-09-25 19:12:45 +0200
committer: Rory& <root@rory.gay> 2024-06-05 17:25:16 +0200
commit: c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145 (patch)
tree: cafe69cc37dbac1a2224ef1a01319cdec8f89910 /host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
parent: Move boot target (diff)
download: Spacebar-Open-Infrastructure-c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145.tar.xz
1 files changed, 20 insertions, 0 deletions
diff --git a/host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
new file mode 100644
index 0000000..cc0e299
--- /dev/null
+++ b/host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
@@ -0,0 +1,20 @@
+{ lib, config }: {
+  root = "/data/nginx/secrets";
+  #use ip from ens18
+  listenAddresses = [ 
+    (lib.head config.networking.interfaces.ens18.ipv4.addresses).address
+   ];
+  locations = {
+    "/" = {
+      extraConfig =
+        "autoindex on;" + 
+        "allow 192.168.1.0/24;" +
+        "allow 127.0.0.1;" +
+        "deny all;"
+        ;
+    };
+    "^~ /.well-known/acme-challenge/" = {
+      root = "/var/lib/acme/acme-challenge";
+    };
+  };
+}
author	TheArcaneBrony <myrainbowdash949@gmail.com>	2023-09-25 19:12:45 +0200
committer	Rory& <root@rory.gay>	2024-06-05 17:25:16 +0200
commit	c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145 (patch)
tree	cafe69cc37dbac1a2224ef1a01319cdec8f89910 /host/Spacebar-nginx/nginx-hosts/spacebar.chat/internal/secrets.nix
parent	Move boot target (diff)
download	Spacebar-Open-Infrastructure-c47e2f0ab033cbb4ce54cadb6c024c20ad7b5145.tar.xz