sail: Remove Matrix from CF
This commit is contained in:
parent
c088193e28
commit
0bc2169913
4 changed files with 78 additions and 64 deletions
|
@ -20,33 +20,31 @@
|
|||
};
|
||||
|
||||
# Based on: https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/web-apps/freshrss.nix
|
||||
services.nginx = {
|
||||
virtualHosts."${secret.freshrss.virtualHost}" = {
|
||||
http3 = true;
|
||||
services.nginx.virtualHosts."${secret.freshrss.virtualHost}" = {
|
||||
http3 = true;
|
||||
|
||||
root = "${config.services.freshrss.package}/p";
|
||||
forceSSL = true;
|
||||
useACMEHost = "kempkens.io";
|
||||
root = "${config.services.freshrss.package}/p";
|
||||
forceSSL = true;
|
||||
useACMEHost = "kempkens.io";
|
||||
|
||||
# php files handling
|
||||
# this regex is mandatory because of the API
|
||||
locations."~ ^.+?\.php(/.*)?$".extraConfig = ''
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.${config.services.freshrss.pool}.socket};
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
# By default, the variable PATH_INFO is not set under PHP-FPM
|
||||
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
|
||||
# NOTE: the separate $path_info variable is required. For more details, see:
|
||||
# https://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
include ${config.services.nginx.package}/conf/fastcgi_params;
|
||||
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
||||
'';
|
||||
# php files handling
|
||||
# this regex is mandatory because of the API
|
||||
locations."~ ^.+?\.php(/.*)?$".extraConfig = ''
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.${config.services.freshrss.pool}.socket};
|
||||
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
||||
# By default, the variable PATH_INFO is not set under PHP-FPM
|
||||
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
|
||||
# NOTE: the separate $path_info variable is required. For more details, see:
|
||||
# https://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
include ${config.services.nginx.package}/conf/fastcgi_params;
|
||||
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
||||
'';
|
||||
|
||||
locations."/" = {
|
||||
tryFiles = "$uri $uri/ index.php";
|
||||
index = "index.php index.html index.htm";
|
||||
};
|
||||
locations."/" = {
|
||||
tryFiles = "$uri $uri/ index.php";
|
||||
index = "index.php index.html index.htm";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,18 +8,16 @@
|
|||
port = 8002;
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
virtualHosts."${secret.nginx.hostnames.libreddit}" = {
|
||||
http3 = true;
|
||||
services.nginx.virtualHosts."${secret.nginx.hostnames.libreddit}" = {
|
||||
http3 = true;
|
||||
|
||||
forceSSL = true;
|
||||
useACMEHost = "daniel.sx";
|
||||
basicAuthFile = config.age.secrets.libreddit-auth.path;
|
||||
forceSSL = true;
|
||||
useACMEHost = "daniel.sx";
|
||||
basicAuthFile = config.age.secrets.libreddit-auth.path;
|
||||
|
||||
locations."/" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://127.0.0.1:8002";
|
||||
};
|
||||
locations."/" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://127.0.0.1:8002";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -70,41 +70,41 @@ in
|
|||
extraEnvFiles = [ config.age.secrets.mastodon-extra-config.path ];
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
virtualHosts."${web-domain}" = {
|
||||
http3 = true;
|
||||
services.nginx.virtualHosts."${web-domain}" = {
|
||||
http3 = true;
|
||||
|
||||
root = "${config.services.mastodon.package}/public/";
|
||||
forceSSL = true;
|
||||
useACMEHost = "kempkens.io";
|
||||
root = "${config.services.mastodon.package}/public/";
|
||||
forceSSL = true;
|
||||
useACMEHost = "kempkens.io";
|
||||
|
||||
locations."/system/" = {
|
||||
extraConfig = ''
|
||||
rewrite ^/system/?(.*)$ https://mastodon-cdn.kempkens.io/$1 permanent;
|
||||
'';
|
||||
};
|
||||
locations."/system/" = {
|
||||
extraConfig = ''
|
||||
rewrite ^/system/?(.*)$ https://mastodon-cdn.kempkens.io/$1 permanent;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."/" = {
|
||||
tryFiles = "$uri @proxy";
|
||||
};
|
||||
locations."/" = {
|
||||
tryFiles = "$uri @proxy";
|
||||
};
|
||||
|
||||
locations."@proxy" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://unix:/run/mastodon-web/web.socket";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
proxy_force_ranges on;
|
||||
'';
|
||||
};
|
||||
locations."@proxy" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://unix:/run/mastodon-web/web.socket";
|
||||
proxyWebsockets = true;
|
||||
|
||||
locations."/api/v1/streaming/" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://unix:/run/mastodon-streaming/streaming.socket";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
proxy_force_ranges on;
|
||||
'';
|
||||
};
|
||||
extraConfig = ''
|
||||
proxy_force_ranges on;
|
||||
'';
|
||||
};
|
||||
|
||||
locations."/api/v1/streaming/" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://unix:/run/mastodon-streaming/streaming.socket";
|
||||
proxyWebsockets = true;
|
||||
|
||||
extraConfig = ''
|
||||
proxy_force_ranges on;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -88,4 +88,22 @@
|
|||
};
|
||||
|
||||
networking.firewall.interfaces."enp7s0".allowedTCPPorts = [ 8008 ];
|
||||
|
||||
services.nginx.virtualHosts."matrix.kempkens.io" = {
|
||||
http3 = true;
|
||||
|
||||
forceSSL = true;
|
||||
useACMEHost = "kempkens.io";
|
||||
|
||||
locations."/" = {
|
||||
recommendedProxySettings = true;
|
||||
proxyPass = "http://127.0.0.1:8008";
|
||||
proxyWebsockets = true;
|
||||
|
||||
extraConfig = ''
|
||||
client_max_body_size 50m;
|
||||
proxy_force_ranges on;
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue