{ config, pkgs, lib, ... }: { imports = [ ../../modules/base.nix ]; networking = { hostName = "Spacebar-nginx"; interfaces.ens18.ipv4.addresses = [ { address = "192.168.1.2"; prefixLength = 24; } ]; interfaces.ens19.ipv4.addresses = [ { address = "10.10.11.2"; prefixLength = 16; } ]; }; services = { nginx = { enable = true; package = pkgs.nginxQuic; recommendedProxySettings = true; recommendedTlsSettings = true; clientMaxBodySize = "50m"; virtualHosts = { # legacy "matrix.thearcanebrony.net" = import ./hosts/thearcanebrony.net/matrix.nix; "matrix.fosscord.com" = import ./hosts/fosscord.com/matrix.nix; # production "mail.spacebar.chat" = import ./hosts/spacebar.chat/mail.nix; "grafana.spacebar.chat" = import ./hosts/spacebar.chat/grafana.nix; "old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/root.nix; "api.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/api.nix; "cdn.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/cdn.nix; "gateway.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/gateway.nix; # local only "secrets.internal.spacebar.chat" = import ./hosts/spacebar.chat/internal/secrets.nix { inherit lib config; }; }; }; }; systemd.services.nginx.requires = [ "data.mount" ]; security.acme.acceptTerms = true; security.acme.defaults.email = "chris@spacebar.chat"; # security.acme.server = "https://acme-staging-v02.api.letsencrypt.org/directory"; system.stateVersion = "22.11"; # DO NOT EDIT! }