ahoneybun/nix-configs
1
0
Fork 0
mirror of https://gitlab.com/ahoneybun/nix-configs.git synced 2025-05-12 11:14:02 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

reorder

Browse source
This commit is contained in:
Aaron Honeycutt 2023-03-30 07:45:44 -06:00
parent d73d6e397a
commit 09e4163b2d
11 changed files with 0 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

0
web/.gitkeep Normal file
View file

20
web/ahoneybun-net.nix Normal file
View file

@ -0,0 +1,20 @@
{ config, pkgs, ... }:
{
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
services.nginx = {
enable = true;
virtualHosts = {
"ahoneybun.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/var/www";
};
};
};
};
}

51
web/hydra-ahoneybun-net.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, pkgs, ... }:
{
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"hydra.ahoneybun.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
extraConfig = ''
etag on;
gzip on;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' alway>
if ($request_method = OPTIONS) {
return 204;
}
add_header X-XSS-Protection "1; mode=block";
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy same-origin;
add_header X-Download-Options noopen;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
client_max_body_size 16m;
# NOTE: increase if users need to upload very big files
'';
};
};
};
};
}

31
web/lamp.nix Normal file
View file

@ -0,0 +1,31 @@
{ config, pkgs, ... }: {
services.nginx = {
enable = true;
virtualHosts."127.0.0.1" = {
root = "/var/www/html";
locations."~ \.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php;
'';
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
};
services.phpfpm.pools.mypool = {
user = "nobody";
settings = {
pm = "dynamic";
"listen.owner" = config.services.nginx.user;
"pm.max_children" = 5;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 3;
"pm.max_requests" = 500;
};
};
}

22
web/nginx-owncast.nix Normal file
View file

@ -0,0 +1,22 @@
virtualHosts = {
"cast.ahoneybun.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
};
};
};

16
web/stoners-space.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, ... }:
{
services.mastodon = {
enable = true;
localDomain = "stoners.space"; # Replace with your own domain
configureNginx = true;
smtp.fromAddress = "";
};
services.postgresqlBackup = {
enable = true;
databases = [ "mastodon" ];
};
}