diff options
-rw-r--r-- | ops/machines/whitby/default.nix | 1 | ||||
-rw-r--r-- | ops/modules/www/static.tvl.fyi.nix | 42 |
2 files changed, 43 insertions, 0 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 148c0d15a601..9a928dad30c2 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -32,6 +32,7 @@ in { "${depot.path}/ops/modules/www/images.tvl.fyi.nix" "${depot.path}/ops/modules/www/login.tvl.fyi.nix" "${depot.path}/ops/modules/www/nixery.dev.nix" + "${depot.path}/ops/modules/www/static.tvl.fyi.nix" "${depot.path}/ops/modules/www/status.tvl.su.nix" "${depot.path}/ops/modules/www/tazj.in.nix" "${depot.path}/ops/modules/www/todo.tvl.fyi.nix" diff --git a/ops/modules/www/static.tvl.fyi.nix b/ops/modules/www/static.tvl.fyi.nix new file mode 100644 index 000000000000..7312f78ecf42 --- /dev/null +++ b/ops/modules/www/static.tvl.fyi.nix @@ -0,0 +1,42 @@ +# Host the static assets at static.tvl.fyi +# +# All assets are served from $base/$drvhash/$file, but can also be +# included with `latest/` which will return a (non-permanent!) +# redirect to the real location. +# +# For all purposes within depot, using the drvhash of web.static is +# recommended. +{ depot, pkgs, ... }: + +let staticHash = depot.web.static.drvHash; +in { + imports = [ + ./base.nix + ]; + + config = { + services.nginx.virtualHosts."static.tvl.fyi" = { + serverAliases = [ "static.tvl.su" ]; + enableACME = true; + forceSSL = true; + + extraConfig = '' + location = / { + add_header Content-Type text/plain; + return 200 "looking for tvl.fyi or tvl.su?"; + } + + location /latest { + rewrite ^/latest/(.*) /${staticHash}/$1 redirect; + } + + location /${staticHash}/ { + alias ${depot.web.static}/; + expires max; + add_header Access-Control-Allow-Origin "*"; + add_header Cache-Control "public"; + } + ''; + }; + }; +} |