diff options
author | Vincent Ambo <mail@tazj.in> | 2023-09-04T22·19+0300 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2023-09-05T14·44+0000 |
commit | e187a7bcb18ade669e276473b277edcd01f1babb (patch) | |
tree | 1b6747387d29d89b3fbcd390ba0db1ceed1089ad /ops/modules/www | |
parent | 816f76494cc7a73e5ba3f8b3e66187923af7e364 (diff) |
feat(ops/modules): deploy //web/pwcrypt to signup.tvl.fyi r/6552
I verified on whitby that the password hashes generated by //web/pwcrypt are compatible with our OpenLDAP, so it's time to make this thing public. Change-Id: Icc2f095ca7ce4acff6de91a1642dea6461177423 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9266 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: tazjin <tazjin@tvl.su>
Diffstat (limited to 'ops/modules/www')
-rw-r--r-- | ops/modules/www/signup.tvl.fyi.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ops/modules/www/signup.tvl.fyi.nix b/ops/modules/www/signup.tvl.fyi.nix new file mode 100644 index 000000000000..1b193f99a9ed --- /dev/null +++ b/ops/modules/www/signup.tvl.fyi.nix @@ -0,0 +1,19 @@ +{ depot, ... }: + +{ + imports = [ + ./base.nix + ]; + + config = { + services.nginx.virtualHosts."signup.tvl.fyi" = { + root = depot.web.pwcrypt; + enableACME = true; + forceSSL = true; + + extraConfig = '' + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + ''; + }; + }; +} |