motiejus/config
1
Fork 0
Code Packages Releases Activity

caddy: move to vno1-oh2

Browse Source
This commit is contained in:
Motiejus Jakštys 2023-08-25 16:44:41 +03:00
parent ee4a2cc4b7
commit cc6af1c68f
3 changed files with 46 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data.nix
View File

@ -80,8 +80,8 @@ rec {
@ SOA ns1.jakstys.lt. motiejus.jakstys.lt. (2023032100 86400 86400 86400 86400) @ SOA ns1.jakstys.lt. motiejus.jakstys.lt. (2023032100 86400 86400 86400 86400)
@ NS ns1.jakstys.lt. @ NS ns1.jakstys.lt.
@ NS ns2.jakstys.lt. @ NS ns2.jakstys.lt.
@ 60 A ${hel1a} @ 60 A ${vno1}
www 60 A ${hel1a} www 60 A ${vno1}
ns1 A ${vno1} ns1 A ${vno1}
ns2 A ${hel1a} ns2 A ${hel1a}
vpn 600 A ${hel1a} vpn 600 A ${hel1a}

6
hosts/hel1-a/configuration.nix
View File

@ -119,12 +119,12 @@
caddy = { caddy = {
enable = true; enable = true;
email = "motiejus+acme@jakstys.lt"; email = "motiejus+acme@jakstys.lt";
virtualHosts."www.jakstys.lt".extraConfig = ''
redir https://jakstys.lt
'';
virtualHosts."fwmine.jakstys.lt".extraConfig = '' virtualHosts."fwmine.jakstys.lt".extraConfig = ''
reverse_proxy fwmine.motiejus.jakst:8080 reverse_proxy fwmine.motiejus.jakst:8080
''; '';
virtualHosts."www.jakstys.lt".extraConfig = ''
redir https://jakstys.lt
'';
virtualHosts."jakstys.lt" = { virtualHosts."jakstys.lt" = {
logFormat = '' logFormat = ''
output file ${config.services.caddy.logDir}/access-jakstys.lt.log { output file ${config.services.caddy.logDir}/access-jakstys.lt.log {

42
hosts/vno1-oh2/configuration.nix
View File

@ -158,11 +158,49 @@
caddy = { caddy = {
enable = true; enable = true;
email = "motiejus+acme@jakstys.lt"; email = "motiejus+acme@jakstys.lt";
virtualHosts."grafana.jakstys.lt" = { virtualHosts."grafana.jakstys.lt".extraConfig = ''
extraConfig = ''
reverse_proxy 127.0.0.1:3000 reverse_proxy 127.0.0.1:3000
tls {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-key.pem tls {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-cert.pem {$CREDENTIALS_DIRECTORY}/grafana.jakstys.lt-key.pem
''; '';
virtualHosts."www.jakstys.lt".extraConfig = ''
redir https://jakstys.lt
'';
virtualHosts."jakstys.lt" = {
logFormat = ''
output file ${config.services.caddy.logDir}/access-jakstys.lt.log {
roll_disabled
}
'';
extraConfig = ''
header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
header /_/* Cache-Control "public, max-age=31536000, immutable"
root * /var/www/jakstys.lt
file_server {
precompressed br gzip
}
@matrixMatch {
path /.well-known/matrix/client
path /.well-known/matrix/server
}
header @matrixMatch Content-Type application/json
header @matrixMatch Access-Control-Allow-Origin *
header @matrixMatch Cache-Control "public, max-age=3600, immutable"
handle /.well-known/matrix/client {
respond "{\"m.homeserver\": {\"base_url\": \"https://jakstys.lt\"}}" 200
}
handle /.well-known/matrix/server {
respond "{\"m.server\": \"jakstys.lt:443\"}" 200
}
handle /_matrix/* {
encode gzip
reverse_proxy http://127.0.0.1:${toString myData.ports.matrix-synapse}
}
'';
}; };
}; };