nixos

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

default.nix (1355B)

      1 {config, ...}: {
      2 	services.caddy = {
      3 		enable = true;
      4 		email = "me@tb148.net";
      5 		openFirewall = true;
      6 		virtualHosts = {
      7 			"tb148.net" = {
      8 				extraConfig =
      9 					builtins.concatStringsSep "\n" [
     10 						"root /srv/tb148.net"
     11 						"file_server"
     12 						"reverse_proxy /.well-known/matrix/* unix/${config.services.matrix-continuwuity.settings.global.unix_socket_path}"
     13 						"handle_errors 404 {"
     14 						"	rewrite /404/"
     15 						"	file_server"
     16 						"}"
     17 					];
     18 			};
     19 			"tb148.net:45384" = {
     20 				extraConfig = ''respond "彩蛋"'';
     21 			};
     22 			"git.tb148.net" = {
     23 				extraConfig =
     24 					builtins.concatStringsSep "\n" [
     25 						"root /srv/git.tb148.net"
     26 						"file_server"
     27 					];
     28 			};
     29 			"matrix.tb148.net" = {
     30 				extraConfig = "reverse_proxy unix/${config.services.matrix-continuwuity.settings.global.unix_socket_path}";
     31 			};
     32 			"openpgpkey.tb148.net" = {
     33 				extraConfig =
     34 					builtins.concatStringsSep "\n" [
     35 						"root /srv/openpgpkey.tb148.net"
     36 						"file_server"
     37 						''header Content-Type "application/octet-stream"''
     38 						''header Access-Control-Allow-Origin "*"''
     39 					];
     40 			};
     41 			"vault.tb148.net" = {
     42 				extraConfig = "reverse_proxy 127.0.0.1:8222";
     43 			};
     44 			"www.tb148.net" = {
     45 				extraConfig = "redir https://tb148.net{uri} permanent";
     46 			};
     47 		};
     48 	};
     49 	networking.firewall = {
     50 		allowedTCPPorts = [45384];
     51 		allowedUDPPorts = [45384];
     52 	};
     53 }