From 19cc834f33e86af5ff5c79acc5a7346b6ff8ed1b Mon Sep 17 00:00:00 2001 From: Emile Date: Thu, 19 Sep 2024 12:05:02 +0200 Subject: nix-cache things --- nix/hosts/corrino/www/nix-cache/index.txt | 2 +- .../www/nix-cache/nix-cache.emile.space.nix | 38 +++++++++++----------- 2 files changed, 20 insertions(+), 20 deletions(-) (limited to 'nix/hosts/corrino/www/nix-cache') diff --git a/nix/hosts/corrino/www/nix-cache/index.txt b/nix/hosts/corrino/www/nix-cache/index.txt index 514b288..6e3353b 100644 --- a/nix/hosts/corrino/www/nix-cache/index.txt +++ b/nix/hosts/corrino/www/nix-cache/index.txt @@ -11,7 +11,7 @@ NixOS Configuration: "https://nix-cache.emile.space" ]; trusted-public-keys = [ - "nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A=" + "nix-cache.emile.space:3xzJknXMsR/EL3SBTu6V6oCOkjxe6MgJm0nOrElW33A=" ]; } diff --git a/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix b/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix index c8f7264..cbb6a0d 100644 --- a/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix +++ b/nix/hosts/corrino/www/nix-cache/nix-cache.emile.space.nix @@ -1,18 +1,26 @@ -{ ... }: +{ config, ... }: { services.nginx.virtualHosts."nix-cache.emile.space" = { - forceSSL = false; - enableACME = false; + forceSSL = true; + enableACME = true; + + locations = { + "/" = { + proxyPass = "http://${config.services.harmonia.settings.bind}"; + }; + }; }; - # locations = { - # "/" = { - # root = "/var/www/emile.space"; - # extraConfig = '' - # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - # ''; - # }; - # }; + services.harmonia = { + enable = true; + + # TODO(emile): manage this using age + # signKeyPath = "/var/lib/secrets/harmonia.secret"; + signKeyPath = config.age.secrets.harmonia-signkey.path; + + settings.bind = "[::1]:${toString config.emile.ports.harmonia}"; + }; + # locations."= /" = { # index = "/index.txt"; # }; @@ -47,12 +55,4 @@ # }; # }; - # services.harmonia = { - # enable = true; - - # # TODO(emile): manage this using age - # signKeyPath = "/var/lib/secrets/harmonia.secret"; - - # settings.bind = "[::1]:${toString config.emile.ports.harmonia}"; - # }; } -- cgit 1.4.1