diff --git a/host/Rory-ovh/services/nginx/nginx.nix b/host/Rory-ovh/services/nginx/nginx.nix
index fee1573..72fbef0 100755
--- a/host/Rory-ovh/services/nginx/nginx.nix
+++ b/host/Rory-ovh/services/nginx/nginx.nix
@@ -41,7 +41,7 @@ in
#"boorunav.com" = serveDir { path = "/data/nginx/html_boorunav"; };
# "catgirlsaresexy.com" = serveDir { path = "/data/nginx/html_catgirlsaresexy"; };
# "sugarcanemc.org" = serveDir { path = "/data/nginx/html_sugarcanemc"; };
-#
+ #
#"siliconheaven.thearcanebrony.net" = serveDir { path = "/data/nginx/html_siliconheaven"; };
#"lfs.thearcanebrony.net" = serveDir { path = "/data/nginx/html_lfs"; };
#"git.thearcanebrony.net" = serveDir { path = "/data/nginx/html_git"; };
@@ -49,27 +49,29 @@ in
#"spigotav.thearcanebrony.net" = serveDir { path = "/data/nginx/html_spigotav"; };
#"terra.thearcanebrony.net" = serveDir { path = "/data/nginx/html_terrarchive"; };
#"vives.thearcanebrony.net" = serveDir { path = "/data/nginx/html_vives"; };
-#
+ #
# "git.rory.gay" = serveDir { path = "/data/nginx/html_git"; };
# "wad.rory.gay" = serveDir { path = "/data/nginx/html_wad"; } // {
# locations."/".extraConfig = "autoindex on; try_files $uri $uri/ /index.html;";
# };
# "wad-api.rory.gay" = import ./rory.gay/wad-api.nix;
-#
+ #
#"thearcanebrony.net" = import ./thearcanebrony.net/root.nix;
# "sentry.thearcanebrony.net" = import ./thearcanebrony.net/sentry.nix;
# "search.thearcanebrony.net" = import ./thearcanebrony.net/search.nix;
-#
+ #
"rory.gay" = import ./rory.gay/root.nix { inherit config; };
# "lfs.rory.gay" = serveDir { path = "/data/nginx/html_lfs"; };
-#
+ #
# "awooradio.thearcanebrony.net" = import ./thearcanebrony.net/awooradio.nix;
"cgit.rory.gay" = import ./rory.gay/cgit.nix { inherit config; };
# #"jitsi.rory.gay" = import ./rory.gay/jitsi.nix;
-#
+ #
# #matrix...
# "conduit.rory.gay" = import ./rory.gay/conduit.nix;
"matrix.rory.gay" = import ./rory.gay/matrix.nix { inherit config; };
+ "syntest1.rory.gay" = import ./rory.gay/syntest1.nix { inherit config; };
+ "syntest2.rory.gay" = import ./rory.gay/syntest2.nix { inherit config; };
"libmatrix-fed-test.rory.gay" = import ./rory.gay/libmatrix-fed-test.nix { inherit config; };
"safensound.rory.gay" = import ./rory.gay/safensound.nix { inherit config; };
"demo.safensound.rory.gay" = import ./rory.gay/demo.safensound.nix { inherit config; };
@@ -90,6 +92,9 @@ in
security.acme.defaults.email = "root@rory.gay";
networking.hosts."127.0.0.1" = builtins.attrNames config.services.nginx.virtualHosts;
- networking.firewall.allowedTCPPorts = [ 80 443 ];
+ networking.firewall.allowedTCPPorts = [
+ 80
+ 443
+ ];
networking.firewall.allowedUDPPorts = [ 443 ];
}
diff --git a/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
index b0ff075..0a44039 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/api.safensound.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/cgit.nix b/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
index 7b49a42..7788e64 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/cgit.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix b/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
index 231d5e3..b436336 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/conduit.matrixunittests.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
index f75c78b..40ecfb0 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/demo.safensound.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_safensound_demo";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/ec.nix b/host/Rory-ovh/services/nginx/rory.gay/ec.nix
index c50b1f9..18cf3e1 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/ec.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/ec.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix b/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
index c2909d6..9284e8a 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/libmatrix-fed-test.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix b/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
index 1af3669..694a521 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrix-bak.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrix.nix b/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
index 45a507f..609b8af 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrix.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
@@ -65,8 +65,4 @@
}
}';
'';
-
- locations."~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync)" = {
- proxyPass = "http://localhost:8100";
- };
}
diff --git a/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix b/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
index f23f0dd..eae32f7 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/matrixunittests.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/mru.nix b/host/Rory-ovh/services/nginx/rory.gay/mru.nix
index 6e685de..cb010b4 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/mru.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/mru.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_mru";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/root.nix b/host/Rory-ovh/services/nginx/rory.gay/root.nix
index a7720ec..2f491cf 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/root.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/root.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/safensound.nix b/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
index 9208129..5c3cfd7 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/safensound.nix
@@ -1,13 +1,13 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
-# quic = true;
+ # quic = true;
http3 = !config.virtualisation.isVmVariant;
http3_hq = !config.virtualisation.isVmVariant;
kTLS = !config.virtualisation.isVmVariant;
root = "/data/nginx/html_safensound";
-# reuseport = true;
+ # reuseport = true;
extraConfig = ''
brotli off;
brotli_static off;
diff --git a/host/Rory-ovh/services/nginx/rory.gay/stream.nix b/host/Rory-ovh/services/nginx/rory.gay/stream.nix
index caed22f..cad3d13 100755
--- a/host/Rory-ovh/services/nginx/rory.gay/stream.nix
+++ b/host/Rory-ovh/services/nginx/rory.gay/stream.nix
@@ -1,4 +1,4 @@
-{ config }:
+{ config }:
{
enableACME = !config.virtualisation.isVmVariant;
addSSL = !config.virtualisation.isVmVariant;
@@ -8,26 +8,26 @@
proxyWebsockets = true;
recommendedProxySettings = true;
extraConfig = ''
- proxy_ssl_verify off;
-# proxy_set_header Host youthapp.inuits.dev;
- proxy_ssl_server_name on;
+ proxy_ssl_verify off;
+ # proxy_set_header Host youthapp.inuits.dev;
+ proxy_ssl_server_name on;
- more_set_headers 'Access-Control-Allow-Origin: *';
- more_set_headers 'Access-Control-Allow-Methods: *';
- #
- # Custom headers and headers various browsers *should* be OK with but aren't
- #
- more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
- #
- # Tell client that this pre-flight info is valid for 20 days
- #
- more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
- if ($request_method = 'OPTIONS') {
- more_set_headers 'Content-Type: text/plain; charset=utf-8';
- more_set_headers 'Content-Length: 0';
- return 204;
- }
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
'';
};
};
diff --git a/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix b/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix
new file mode 100755
index 0000000..7c60eb0
--- /dev/null
+++ b/host/Rory-ovh/services/nginx/rory.gay/syntest1.nix
@@ -0,0 +1,68 @@
+{ config }:
+{
+ enableACME = !config.virtualisation.isVmVariant;
+ addSSL = !config.virtualisation.isVmVariant;
+ locations."/" = {
+ #proxyPass = "http://127.0.0.1:9001";
+ proxyPass = "http://192.168.100.20:8008";
+ extraConfig = ''
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
+ '';
+ };
+
+ locations."= /.well-known/matrix/server".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${builtins.toJSON { "m.server" = "syntest1.rory.gay:443"; }}';
+ '';
+ locations."= /.well-known/matrix/client".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ "m.homeserver".base_url = "https://syntest1.rory.gay";
+ "org.matrix.msc3575.proxy".url = "https://syntest1.rory.gay";
+ }
+ }';
+ '';
+ locations."= /.well-known/matrix/support".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ admins = [
+ {
+ matrix_id = "@emma:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@alicia:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@root:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@rory:rory.gay";
+ role = "admin";
+ }
+ ];
+ }
+ }';
+ '';
+}
diff --git a/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix b/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix
new file mode 100755
index 0000000..f1dbcc4
--- /dev/null
+++ b/host/Rory-ovh/services/nginx/rory.gay/syntest2.nix
@@ -0,0 +1,68 @@
+{ config }:
+{
+ enableACME = !config.virtualisation.isVmVariant;
+ addSSL = !config.virtualisation.isVmVariant;
+ locations."/" = {
+ #proxyPass = "http://127.0.0.1:9001";
+ proxyPass = "http://192.168.100.21:8008";
+ extraConfig = ''
+ if ($request_method = 'OPTIONS') {
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ #
+ # Custom headers and headers various browsers *should* be OK with but aren't
+ #
+ more_set_headers 'Access-Control-Allow-Headers: *, Authorization';
+ #
+ # Tell client that this pre-flight info is valid for 20 days
+ #
+ more_set_headers 'Access-Control-Max-Age: 1728000';
+ more_set_headers 'Content-Type: text/plain; charset=utf-8';
+ more_set_headers 'Content-Length: 0';
+ return 204;
+ }
+ '';
+ };
+
+ locations."= /.well-known/matrix/server".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${builtins.toJSON { "m.server" = "syntest2.rory.gay:443"; }}';
+ '';
+ locations."= /.well-known/matrix/client".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ "m.homeserver".base_url = "https://syntest2.rory.gay";
+ "org.matrix.msc3575.proxy".url = "https://syntest2.rory.gay";
+ }
+ }';
+ '';
+ locations."= /.well-known/matrix/support".extraConfig = ''
+ more_set_headers 'Content-Type application/json';
+ more_set_headers 'Access-Control-Allow-Origin *';
+ return 200 '${
+ builtins.toJSON {
+ admins = [
+ {
+ matrix_id = "@emma:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@alicia:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@root:rory.gay";
+ role = "admin";
+ }
+ {
+ matrix_id = "@rory:rory.gay";
+ role = "admin";
+ }
+ ];
+ }
+ }';
+ '';
+}
|
