about summary refs log tree commit diff
path: root/web/homepage/nginx.nix
diff options
context:
space:
mode:
Diffstat (limited to 'web/homepage/nginx.nix')
-rw-r--r--web/homepage/nginx.nix74
1 files changed, 74 insertions, 0 deletions
diff --git a/web/homepage/nginx.nix b/web/homepage/nginx.nix
new file mode 100644
index 000000000000..90a13a1e98f9
--- /dev/null
+++ b/web/homepage/nginx.nix
@@ -0,0 +1,74 @@
+# This file creates an nginx server that serves the blog on port 8080.
+#
+# It's not intended to be the user-facing nginx.
+{
+  # third_party attributes supplied by callPackage
+  writeText, writeShellScriptBin, nginx, lib,
+
+  # website content
+  blog
+}:
+
+let
+  inherit (builtins) hasAttr filter map;
+  inherit (pkgs.third_party) ;
+
+  oldRedirects = lib.concatStringsSep "\n" (map (post: ''
+    location ~* ^(en)?/${post.oldKey} {
+      # TODO(tazjin): 301 once this works
+      return 302 /${post.key};
+    }
+  '') (filter (hasAttr "oldKey") blog.posts));
+
+  config = writeText "homepage-nginx.conf" ''
+    daemon off;
+    worker_processes 1;
+    error_log stderr;
+    pid /tmp/nginx-homepage.pid;
+
+    events {
+      worker_connections  1024;
+    }
+
+    http {
+      include ${nginx}/conf/mime.types;
+      fastcgi_temp_path /tmp/nginx-homepage;
+      uwsgi_temp_path /tmp/nginx-homepage;
+      scgi_temp_path /tmp/nginx-homepage;
+      client_body_temp_path /tmp/nginx-homepage;
+      proxy_temp_path /tmp/nginx-homepage;
+      sendfile on;
+
+      # Logging is handled by the primary nginx server
+      access_log off;
+
+      server {
+        listen 8080 default_server;
+        root ${blog.rendered};
+
+        location /static {
+          alias ${blog.static}/;
+        }
+
+        ${oldRedirects}
+
+        location / {
+          if ($request_uri ~ ^/(.*)\.html$) {
+            return 302 /$1;
+          }
+
+          try_files $uri $uri.html $uri/ =404;
+        }
+      }
+    }
+  '';
+in writeShellScriptBin "homepage" ''
+  if [[ -v CONTAINER_SETUP ]]; then
+    cd /run
+    echo 'nogroup:x:30000:nobody' >> /etc/group
+    echo 'nobody:x:30000:30000:nobody:/tmp:/bin/bash' >> /etc/passwd
+  fi
+
+  mkdir -p /tmp/nginx-homepage
+  exec ${nginx}/bin/nginx -c ${config}
+''