tvl-depot/ops/modules/www/signup.tvl.fyi.nix at f71bb351d29f58935e6002615cd94d6e6259bf26 - mdebray/tvl-depot - Forge git de la DGNum

mdebray/tvl-depot

Vincent Ambo e187a7bcb1 feat(ops/modules): deploy //web/pwcrypt to signup.tvl.fyi

I verified on whitby that the password hashes generated by
//web/pwcrypt are compatible with our OpenLDAP, so it's time to make
this thing public.

Change-Id: Icc2f095ca7ce4acff6de91a1642dea6461177423
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9266
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>

2023-09-05 14:44:36 +00:00

19 lines

348 B

Nix

Raw Blame History

 { depot, ... }:
 {
   imports = [
     ./base.nix
   ];
   config = {
     services.nginx.virtualHosts."signup.tvl.fyi" = {
       root = depot.web.pwcrypt;
       enableACME = true;
       forceSSL = true;
       extraConfig = ''
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
       '';
     };
   };
 }