diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 7cc529c7f..148c0d15a 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -36,6 +36,7 @@ in { "${depot.path}/ops/modules/www/tazj.in.nix" "${depot.path}/ops/modules/www/todo.tvl.fyi.nix" "${depot.path}/ops/modules/www/tvl.fyi.nix" + "${depot.path}/ops/modules/www/tvl.su.nix" "${depot.path}/ops/modules/www/wigglydonke.rs.nix" "${pkgs.path}/nixos/modules/services/web-apps/gerrit.nix" ]; diff --git a/ops/modules/www/tvl.su.nix b/ops/modules/www/tvl.su.nix new file mode 100644 index 000000000..a7c4f6a21 --- /dev/null +++ b/ops/modules/www/tvl.su.nix @@ -0,0 +1,20 @@ +{ depot, ... }: + +{ + imports = [ + ./base.nix + ]; + + config = { + services.nginx.virtualHosts."tvl.su" = { + serverName = "tvl.su"; + root = depot.corp.website; + enableACME = true; + forceSSL = true; + + extraConfig = '' + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + ''; + }; + }; +}