37 lines
No EOL
813 B
Nix
37 lines
No EOL
813 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
up_dir = /srv/up;
|
|
in
|
|
{
|
|
services.nginx.enable = true;
|
|
|
|
# nginx runs under ProtectHome=true which disallows reading anywhere
|
|
# in /home. So we need to use a different location.
|
|
users.users."up" = {
|
|
isNormalUser = true;
|
|
home = up_dir;
|
|
group = config.services.nginx.group;
|
|
# Unsure why this is broken, but couldn't make things work without
|
|
# creating the directory by hand.
|
|
# createHome = true;
|
|
# homeMode = "750";
|
|
};
|
|
|
|
services.nginx.virtualHosts."srv.isomorphis.me" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
root = up_dir;
|
|
locations ={
|
|
"/" = {
|
|
extraConfig = "autoindex on;";
|
|
};
|
|
"/.ssh" = {
|
|
return = "403";
|
|
};
|
|
"/i/" = {
|
|
extraConfig = "autoindex off;";
|
|
};
|
|
};
|
|
};
|
|
} |