blob: 5037c8170016df5451c9073c8ec77b6348c1f379 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
{ config, pkgs, lib, ... }:
{
imports =
[
../../modules/base.nix
];
networking = {
hostName = "Spacebar-nginx";
interfaces.ens18.ipv4.addresses = [ {
address = "192.168.1.2";
prefixLength = 24;
} ];
interfaces.ens19.ipv4.addresses = [ {
address = "10.10.11.2";
prefixLength = 16;
} ];
};
services = {
nginx = {
enable = true;
package = pkgs.nginxQuic;
recommendedProxySettings = true;
recommendedTlsSettings = true;
clientMaxBodySize = "50m";
virtualHosts = {
# legacy
"matrix.thearcanebrony.net" = import ./hosts/thearcanebrony.net/matrix.nix;
"matrix.fosscord.com" = import ./hosts/fosscord.com/matrix.nix;
# production
"mail.spacebar.chat" = import ./hosts/spacebar.chat/mail.nix;
"grafana.spacebar.chat" = import ./hosts/spacebar.chat/grafana.nix;
"old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/root.nix;
"api.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/api.nix;
"cdn.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/cdn.nix;
"gateway.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/gateway.nix;
# local only
"secrets.internal.spacebar.chat" = import ./hosts/spacebar.chat/internal/secrets.nix { inherit lib config; };
};
};
};
systemd.services.nginx.requires = [ "data.mount" ];
security.acme.acceptTerms = true;
security.acme.defaults.email = "chris@spacebar.chat";
# security.acme.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
system.stateVersion = "22.11"; # DO NOT EDIT!
}
|