feat(hosts/luna): advertise pgp key via WKD
Some checks failed
Check Formatting of Files / Check-Formatting (push) Failing after 37s
Some checks failed
Check Formatting of Files / Check-Formatting (push) Failing after 37s
This commit is contained in:
parent
1d88a02ccf
commit
0c961c1d4d
GPG Key ID:
C3FADDE7A8534BEB
@ -1,31 +0,0 @@
|
|||||||
{ inputs, pkgs, ... }:
|
|
||||||
{
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
recommendedOptimisation = true;
|
|
||||||
recommendedGzipSettings = true;
|
|
||||||
recommendedTlsSettings = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
security.acme = {
|
|
||||||
acceptTerms = true;
|
|
||||||
defaults.email = "price@price-hiller.com";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
||||||
services.nginx.virtualHosts = {
|
|
||||||
"price-hiller.com" = {
|
|
||||||
forceSSL = true;
|
|
||||||
enableACME = true;
|
|
||||||
root = inputs.blog.packages.${pkgs.system}.default;
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
if ($request_uri ~ ^/(.*)\.html(\?|$)) {
|
|
||||||
return 302 /$1;
|
|
||||||
}
|
|
||||||
try_files $uri $uri.html $uri/ =404;
|
|
||||||
'';
|
|
||||||
locations."/".index = "home.html";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
45
hosts/luna/modules/services/nginx/default.nix
Normal file
45
hosts/luna/modules/services/nginx/default.nix
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
{ inputs, pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
recommendedOptimisation = true;
|
||||||
|
recommendedGzipSettings = true;
|
||||||
|
recommendedTlsSettings = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
security.acme = {
|
||||||
|
acceptTerms = true;
|
||||||
|
defaults.email = "price@price-hiller.com";
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
];
|
||||||
|
services.nginx.virtualHosts = {
|
||||||
|
"price-hiller.com" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
root = inputs.blog.packages.${pkgs.system}.default;
|
||||||
|
locations = {
|
||||||
|
"/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
if ($request_uri ~ ^/(.*)\.html(\?|$)) {
|
||||||
|
return 302 /$1;
|
||||||
|
}
|
||||||
|
try_files $uri $uri.html $uri/ =404;
|
||||||
|
'';
|
||||||
|
index = "home.html";
|
||||||
|
};
|
||||||
|
"/.well-known/openpgpkey/hu/rnmhgp3dsaq8hjgu49j8oongugr5cg4" = {
|
||||||
|
index = pkgs.writeText "pgp-pub-wkd" builtins.readFile ./public-pgp-key.asc;
|
||||||
|
extraConfig = ''
|
||||||
|
default_type application/octet-stream;
|
||||||
|
add_header Access-Control-Allow-Origin "*";
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Binary file not shown.
Loading…
x
Reference in New Issue
Block a user