summaryrefslogtreecommitdiff
path: root/host
diff options
context:
space:
mode:
authorAdrian Kummerlaender2021-06-10 18:36:24 +0200
committerAdrian Kummerlaender2021-06-10 18:36:24 +0200
commit28441393eb1fe79e00d7c110b51462cd699f6862 (patch)
tree2f9d8c92618107119dfe2834d9e8c26966804deb /host
parent5d5f71e108cb4559a3a8144fbd089076b61a9dda (diff)
downloadnixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar.gz
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar.bz2
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar.lz
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar.xz
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.tar.zst
nixos_system-28441393eb1fe79e00d7c110b51462cd699f6862.zip
Fix nginx, cgit config
Diffstat (limited to 'host')
-rw-r--r--host/software/server/git.nix8
-rw-r--r--host/software/server/mail.nix2
-rw-r--r--host/software/server/website.nix14
3 files changed, 13 insertions, 11 deletions
diff --git a/host/software/server/git.nix b/host/software/server/git.nix
index 209a318..2781911 100644
--- a/host/software/server/git.nix
+++ b/host/software/server/git.nix
@@ -3,8 +3,8 @@
{
services.uwsgi = {
enable = true;
- user = "nginx";
- group = "nginx";
+ user = "public";
+ group = "users";
plugins = [ "cgi" ];
instance = {
@@ -33,7 +33,7 @@
'';
};
- users.extraUsers.nginx.extraGroups = [ "git" ];
+ users.extraUsers.public.extraGroups = [ "git" ];
services.nginx.virtualHosts."code.kummerlaender.eu" = {
addSSL = true;
@@ -64,7 +64,7 @@
};
script = ''
mkdir /run/cgit
- chown -R nginx:nginx /run/cgit
+ chown -R public:users /run/cgit
'';
};
diff --git a/host/software/server/mail.nix b/host/software/server/mail.nix
index 34ebc82..37c007b 100644
--- a/host/software/server/mail.nix
+++ b/host/software/server/mail.nix
@@ -2,7 +2,7 @@
{
imports = let
- release = "nixos-20.09";
+ release = "nixos-21.05";
in [
(builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
diff --git a/host/software/server/website.nix b/host/software/server/website.nix
index a5f65fb..00473df 100644
--- a/host/software/server/website.nix
+++ b/host/software/server/website.nix
@@ -7,6 +7,8 @@
shell = pkgs.fish;
};
+ services.nginx.user = "public";
+
systemd.services.nginx.serviceConfig.ProtectHome = false;
# `public` generates websites using their custom derivations via `nix-build`
@@ -27,11 +29,11 @@
'';
};
- proxy = target: {
- proxyPass = target;
+ proxy = server: target: {
+ proxyPass = server;
extraConfig = ''
expires off;
- proxy_set_header Host code.kummerlaender.eu;
+ return ${target};
'';
};
in {
@@ -47,9 +49,9 @@
"pkgs.kummerlaender.eu" = default {
"/".root = "/home/public/pkgs/result";
- "/nixexprs.tar.gz" = proxy "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.gz";
- "/nixexprs.tar.xz" = proxy "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.xz";
- "/nixexprs.tar.bz2" = proxy "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.bz2";
+ "/nixexprs.tar.gz" = proxy "http://code.kummerlaender.eu" "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.gz";
+ "/nixexprs.tar.xz" = proxy "http://code.kummerlaender.eu" "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.xz";
+ "/nixexprs.tar.bz2" = proxy "http://code.kummerlaender.eu" "http://code.kummerlaender.eu/pkgs/snapshot/master.tar.bz2";
};
"literatelb.org" = let