about summary refs log tree commit diff
path: root/nix/hosts/corrino/www/nix-cache
diff options
context:
space:
mode:
authorEmile <git@emile.space>2024-09-19 12:05:02 +0200
committerEmile <git@emile.space>2024-09-19 12:05:02 +0200
commit19cc834f33e86af5ff5c79acc5a7346b6ff8ed1b (patch)
tree812d3e3749f8c3c489b62f9322b3e1b7ee4ea480 /nix/hosts/corrino/www/nix-cache
parentd6076477f08f5009aec129e6a381711de4613441 (diff)
nix-cache things
Diffstat (limited to 'nix/hosts/corrino/www/nix-cache')
-rw-r--r--nix/hosts/corrino/www/nix-cache/index.txt2
-rw-r--r--nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix38
2 files changed, 20 insertions, 20 deletions
diff --git a/nix/hosts/corrino/www/nix-cache/index.txt b/nix/hosts/corrino/www/nix-cache/index.txt
index 514b288..6e3353b 100644
--- a/nix/hosts/corrino/www/nix-cache/index.txt
+++ b/nix/hosts/corrino/www/nix-cache/index.txt
@@ -11,7 +11,7 @@ NixOS Configuration:
       "https://nix-cache.emile.space"
     ];
     trusted-public-keys = [
-			"nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A="
+	  "nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A="
     ];
   }
 
diff --git a/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix b/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix
index c8f7264..cbb6a0d 100644
--- a/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix
+++ b/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix
@@ -1,18 +1,26 @@
-{ ... }:
+{ config, ... }:
 
 {
   services.nginx.virtualHosts."nix-cache.emile.space" = {
-    forceSSL = false;
-    enableACME = false;
+    forceSSL = true;
+    enableACME = true;
+
+    locations = {
+      "/" = {
+        proxyPass = "http://${config.services.harmonia.settings.bind}";
+      };
+    };
   };
-  #   locations = {
-  #     "/" = {
-  #       root = "/var/www/emile.space";
-  #       extraConfig = ''
-  #         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-  #       ''; 
-  #     };
-  # };
+  services.harmonia = {
+    enable = true;
+
+    # TODO(emile): manage this using age
+    # signKeyPath = "/var/lib/secrets/harmonia.secret";
+    signKeyPath = config.age.secrets.harmonia-signkey.path;
+
+    settings.bind = "[::1]:${toString config.emile.ports.harmonia}";
+  };
+
   # locations."= /" = {
   # 	index = "/index.txt";
   # };
@@ -47,12 +55,4 @@
   # };
   # };
 
-  #  services.harmonia = {
-  # 	enable = true;
-
-  # 	# TODO(emile): manage this using age
-  # 	signKeyPath = "/var/lib/secrets/harmonia.secret";
-
-  #    settings.bind = "[::1]:${toString config.emile.ports.harmonia}";
-  # };
 }