about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ops/nixos/whitby/default.nix6
-rw-r--r--ops/nixos/www/base.nix14
-rw-r--r--ops/nixos/www/login.tvl.fyi.nix23
3 files changed, 43 insertions, 0 deletions
diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix
index b1055ddd2ee1..e80d5885e1a0 100644
--- a/ops/nixos/whitby/default.nix
+++ b/ops/nixos/whitby/default.nix
@@ -17,6 +17,7 @@ in {
   imports = [
     "${depot.depotPath}/ops/nixos/depot.nix"
     "${depot.depotPath}/ops/nixos/tvl-slapd/default.nix"
+    "${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix"
   ];
 
   hardware = {
@@ -202,5 +203,10 @@ in {
     };
   };
 
+  security.acme = {
+    acceptTerms = true;
+    email = "mail@tazj.in";
+  };
+
   system.stateVersion = "20.03";
 }
diff --git a/ops/nixos/www/base.nix b/ops/nixos/www/base.nix
new file mode 100644
index 000000000000..a15db6bb8a32
--- /dev/null
+++ b/ops/nixos/www/base.nix
@@ -0,0 +1,14 @@
+{ config, ... }:
+
+{
+  config = {
+    services.nginx = {
+      enable = true;
+      enableReload = true;
+
+      recommendedTlsSettings = true;
+      recommendedGzipSettings = true;
+      recommendedProxySettings = true;
+    };
+  };
+}
diff --git a/ops/nixos/www/login.tvl.fyi.nix b/ops/nixos/www/login.tvl.fyi.nix
new file mode 100644
index 000000000000..8513c6e660c5
--- /dev/null
+++ b/ops/nixos/www/login.tvl.fyi.nix
@@ -0,0 +1,23 @@
+{ ... }:
+
+{
+  imports = [
+    ./base.nix
+  ];
+
+  config = {
+    services.nginx.virtualHosts."login.tvl.fyi" = {
+      serverName = "login.tvl.fyi";
+      enableACME = true;
+      forceSSL = true;
+
+      extraConfig = ''
+        location / {
+          proxy_pass http://localhost:8443;
+          proxy_set_header X-Forwarded-For $remote_addr;
+          proxy_set_header Host $host;
+        }
+      '';
+    };
+  };
+}
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-02T13ยท48+0000