31 lines
No EOL
665 B
Nix
31 lines
No EOL
665 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
services.nginx.enable = true;
|
|
|
|
# nginx runs under ProtectHome=true which disallows reading anywhere
|
|
# in /home. So we need to use a different location.
|
|
users.users."up" = {
|
|
isNormalUser = true;
|
|
home = /srv/up;
|
|
group = config.services.nginx.group;
|
|
createHome = true;
|
|
homeMode = "750";
|
|
};
|
|
|
|
services.nginx.virtualHosts."srv.isomorphis.me" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
root = config.users.users."up".home;
|
|
locations."/" = {
|
|
extraConfig = ''
|
|
autoindex on;
|
|
'';
|
|
};
|
|
locations."/i/" = {
|
|
extraConfig = ''
|
|
autoindex off;
|
|
'';
|
|
};
|
|
};
|
|
} |