about summary refs log tree commit diff
path: root/ops/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'ops/nixos')
-rw-r--r--ops/nixos/whitby/default.nix1
-rw-r--r--ops/nixos/www/todo.tvl.fyi.nix24
2 files changed, 25 insertions, 0 deletions
diff --git a/ops/nixos/whitby/default.nix b/ops/nixos/whitby/default.nix
index e42bdc864f37..85f47cbccdef 100644
--- a/ops/nixos/whitby/default.nix
+++ b/ops/nixos/whitby/default.nix
@@ -26,6 +26,7 @@ in lib.fix(self: {
     "${depot.depotPath}/ops/nixos/www/code.tvl.fyi.nix"
     "${depot.depotPath}/ops/nixos/www/cs.tvl.fyi.nix"
     "${depot.depotPath}/ops/nixos/www/login.tvl.fyi.nix"
+    "${depot.depotPath}/ops/nixos/www/todo.tvl.fyi.nix"
     "${depot.depotPath}/ops/nixos/www/tvl.fyi.nix"
     "${depot.third_party.nixpkgsSrc}/nixos/modules/services/web-apps/gerrit.nix"
   ];
diff --git a/ops/nixos/www/todo.tvl.fyi.nix b/ops/nixos/www/todo.tvl.fyi.nix
new file mode 100644
index 000000000000..0820d136d295
--- /dev/null
+++ b/ops/nixos/www/todo.tvl.fyi.nix
@@ -0,0 +1,24 @@
+{ config, ... }:
+
+{
+  imports = [
+    ./base.nix
+  ];
+
+  config = {
+    services.nginx.virtualHosts."todo.tvl.fyi" = {
+      serverName = "todo.tvl.fyi";
+      root = config.depot.web.todolist;
+      enableACME = true;
+      forceSSL = true;
+
+      extraConfig = ''
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+
+        location ~* \.(webp|woff2)$ {
+          add_header Cache-Control "public, max-age=31536000";
+        }
+      '';
+    };
+  };
+}