summary refs log tree commit diff
path: root/host/Spacebar-nginx/configuration.nix
blob: 5037c8170016df5451c9073c8ec77b6348c1f379 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{ config, pkgs, lib, ... }:

{
  imports =
    [
      ../../modules/base.nix
    ];

  networking = {
    hostName = "Spacebar-nginx";
    interfaces.ens18.ipv4.addresses = [ { 
      address = "192.168.1.2";
      prefixLength = 24;
    } ];
    interfaces.ens19.ipv4.addresses = [ {
      address = "10.10.11.2";
      prefixLength = 16;
    } ];
  };

  services = {
    nginx = {
      enable = true;
      package = pkgs.nginxQuic;
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      clientMaxBodySize = "50m";
      virtualHosts = {
        # legacy
        "matrix.thearcanebrony.net" = import ./hosts/thearcanebrony.net/matrix.nix;
        "matrix.fosscord.com" = import ./hosts/fosscord.com/matrix.nix;

        # production
        "mail.spacebar.chat" = import ./hosts/spacebar.chat/mail.nix;
        "grafana.spacebar.chat" = import ./hosts/spacebar.chat/grafana.nix;
        "old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/root.nix;
        "api.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/api.nix;
        "cdn.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/cdn.nix;
        "gateway.old.server.spacebar.chat" = import ./hosts/spacebar.chat/server/old/gateway.nix;

        # local only
        "secrets.internal.spacebar.chat" = import ./hosts/spacebar.chat/internal/secrets.nix { inherit lib config; };
      };
    };
  };
  systemd.services.nginx.requires = [ "data.mount" ];
  security.acme.acceptTerms = true;
  security.acme.defaults.email = "chris@spacebar.chat";
  # security.acme.server = "https://acme-staging-v02.api.letsencrypt.org/directory";

  system.stateVersion = "22.11"; # DO NOT EDIT!
}