diff --git a/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
index b0ff075..0a44039 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/cgit.nix b/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
index 7b49a42..7788e64 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix b/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
index 231d5e3..b436336 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
index f75c78b..40ecfb0 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_safensound_demo";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/ec.nix b/host/Rory-ovh/services/nginx/rory.gay/ec.nix
index c50b1f9..18cf3e1 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/ec.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/ec.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix b/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
index c2909d6..9284e8a 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix b/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
index 1af3669..694a521 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrix.nix b/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
index 45a507f..609b8af 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
@@ -65,8 +65,4 @@
}
}';
'';
-
- locations."~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
- proxyPass = "http://localhost:8100";
- };
}
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix b/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
index f23f0dd..eae32f7 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/mru.nix b/host/Rory-ovh/services/nginx/rory.gay/mru.nix
index 6e685de..cb010b4 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/mru.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/mru.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_mru";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/root.nix b/host/Rory-ovh/services/nginx/rory.gay/root.nix
index a7720ec..2f491cf 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/root.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/root.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
index 9208129..5c3cfd7 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_safensound";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/stream.nix b/host/Rory-ovh/services/nginx/rory.gay/stream.nix
index caed22f..cad3d13 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/stream.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/stream.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
@@ -8,26 +8,26 @@
proxyWebsockets = true;
recommendedProxySettings = true;
extraConfig = ''
- proxy_ssl_verify off;
-# proxy_set_header Host youthapp.inuits.dev;
- proxy_ssl_server_name on;
+ proxy_ssl_verify off;
+ # proxy_set_header Host youthapp.inuits.dev;
+ proxy_ssl_server_name on;
- more_set_headers 'Access-Control-Allow-Origin: *';
- more_set_headers 'Access-Control-Allow-Methods: *';
- #
- # Custom headers and headers various browsers *should* be OK with but aren't
- #
- more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
- #
- # Tell client that this pre-flight info is valid for 20 days
- #
- more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
- if ($request_method = 'OPTIONS') {
- more_set_headers 'Content-Type: text/plain; charset=utf-8';
- more_set_headers 'Content-Length: 0';
- return 204;
- }
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
'';
};
};
diff --git a/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix b/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix
new file mode 100755
index 0000000..7c60eb0
--- /dev/null
+++ b/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix
@@ -0,0 +1,68 @@
+{ config }:
+{
+ enableACME = !config.virtualisation.isVmVariant;
+ addSSL = !config.virtualisation.isVmVariant;
+ locations."/" = {
+ #proxyPass = "http://127.0.0.1:9001";
+ proxyPass = "http://192.168.100.20:8008";
+ extraConfig = ''
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
+ '';
+ };
+
+ locations."= /.well-known/matrix/server".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${builtins.toJSON { "m.server" = "syntest1.rory.gay:443"; }}';
+ '';
+ locations."= /.well-known/matrix/client".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ "m.homeserver".base_url = "https://syntest1.rory.gay";
+ "org.matrix.msc3575.proxy".url = "https://syntest1.rory.gay";
+ }
+ }';
+ '';
+ locations."= /.well-known/matrix/support".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ admins = [
+ {
+ matrix_id = "@emma:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@alicia:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@root:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@rory:rory.gay";
+ role = "admin";
+ }
+ ];
+ }
+ }';
+ '';
+}
diff --git a/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix b/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix
new file mode 100755
index 0000000..f1dbcc4
--- /dev/null
+++ b/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix
@@ -0,0 +1,68 @@
+{ config }:
+{
+ enableACME = !config.virtualisation.isVmVariant;
+ addSSL = !config.virtualisation.isVmVariant;
+ locations."/" = {
+ #proxyPass = "http://127.0.0.1:9001";
+ proxyPass = "http://192.168.100.21:8008";
+ extraConfig = ''
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
+ '';
+ };
+
+ locations."= /.well-known/matrix/server".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${builtins.toJSON { "m.server" = "syntest2.rory.gay:443"; }}';
+ '';
+ locations."= /.well-known/matrix/client".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ "m.homeserver".base_url = "https://syntest2.rory.gay";
+ "org.matrix.msc3575.proxy".url = "https://syntest2.rory.gay";
+ }
+ }';
+ '';
+ locations."= /.well-known/matrix/support".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ admins = [
+ {
+ matrix_id = "@emma:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@alicia:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@root:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@rory:rory.gay";
+ role = "admin";
+ }
+ ];
+ }
+ }';
+ '';
+}
|
