blob: f6bb4e4146155289afd3f811d9346ee9b8fb3240 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
{ me, ... }:
let
rnrdUrl = if me.is.renard then "rnrd.eu" else "${me.name}.rnrd.eu";
in
{
imports = [ ./tailnet.nix ];
security.acme = {
acceptTerms = true;
defaults.email = "einebeere@gmail.com";
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
statusPage = true;
commonHttpConfig = ''
log_format json_combined escape=json '{'
'"time_local":"$time_local",'
'"remote_addr":"$remote_addr",'
'"remote_user":"$remote_user",'
'"request":"$request",'
'"status": "$status",'
'"body_bytes_sent":"$body_bytes_sent",'
'"request_length":"$request_length",'
'"request_time":"$request_time",'
'"http_referrer":"$http_referer",'
'"http_user_agent":"$http_user_agent",'
'"upstream_response_time":"$upstream_response_time",'
'"upstream_addr":"$upstream_addr",'
'"upstream_status":"$upstream_status"'
'}';
access_log /var/log/nginx/access.log json_combined;
error_log /var/log/nginx/error.log warn;
'';
virtualHosts = {
default = {
default = true;
};
${rnrdUrl} = {
root = "/var/www/html";
forceSSL = true;
enableACME = true;
extraConfig = ''
access_log /var/log/nginx/base.access.log json_combined;
'';
};
};
};
}
|
