78 lines
No EOL
1.7 KiB
Nix
78 lines
No EOL
1.7 KiB
Nix
{ config, ... } @ inputs:
|
|
|
|
let
|
|
UID = 1103;
|
|
in {
|
|
desu.secrets.teisu-env.owner = "teisu";
|
|
|
|
users.users.teisu = {
|
|
isNormalUser = true;
|
|
uid = UID;
|
|
};
|
|
|
|
virtualisation.oci-containers.containers.teisu = {
|
|
image = "git.stupid.fish/teidesu/tei.su:latest";
|
|
environmentFiles = [
|
|
config.desu.secrets.teisu-env.path
|
|
];
|
|
user = builtins.toString UID;
|
|
extraOptions = [
|
|
"--mount=type=bind,source=/srv/teisu,target=/app/.runtime"
|
|
];
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /srv/teisu 0755 teisu teisu -"
|
|
];
|
|
|
|
services.nginx.virtualHosts."tei.su" = let
|
|
serveWithTextPlain = {
|
|
proxyPass = "http://teisu.docker:4321$request_uri";
|
|
extraConfig = ''
|
|
add_header 'Content-Type' 'text/plain';
|
|
'';
|
|
};
|
|
in {
|
|
forceSSL = true;
|
|
useACMEHost = "tei.su";
|
|
|
|
locations."/" = {
|
|
proxyPass = "http://teisu.docker:4321$request_uri";
|
|
extraConfig = ''
|
|
if ($request_method = MEOW) {
|
|
rewrite ^ /.meow-proxy last;
|
|
}
|
|
'';
|
|
};
|
|
|
|
locations."/.well-known/" = {
|
|
proxyPass = "http://teisu.docker:4321$request_uri";
|
|
extraConfig = ''
|
|
add_header 'Access-Control-Allow-Origin' '*';
|
|
'';
|
|
};
|
|
|
|
locations."/.meow-proxy" = {
|
|
proxyPass = "http://teisu.docker:4321/api/meow";
|
|
extraConfig = ''
|
|
proxy_method GET;
|
|
internal;
|
|
'';
|
|
};
|
|
|
|
locations."/keys" = serveWithTextPlain;
|
|
locations."/keys@ssh" = serveWithTextPlain;
|
|
locations."/keys@git" = serveWithTextPlain;
|
|
};
|
|
|
|
services.nginx.virtualHosts."tei.pet" = {
|
|
forceSSL = true;
|
|
useACMEHost = "tei.pet";
|
|
|
|
locations."/" = {
|
|
extraConfig = ''
|
|
return 301 https://tei.su$request_uri;
|
|
'';
|
|
};
|
|
};
|
|
} |