90281c4eac
Splits //ops/nixos into: * //ops/nixos.nix - utility functions for building systems * //ops/machines - shared machine definitions (read by readTree) * //ops/modules - shared NixOS modules (skipped by readTree) This simplifies working with the configuration fixpoint in whitby, and is overall a bit more in line with how NixOS systems in user folders currently work. Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: glittershark <grfn@gws.fyi>
25 lines
535 B
Nix
25 lines
535 B
Nix
{ depot, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./base.nix
|
|
];
|
|
|
|
config = {
|
|
services.nginx.virtualHosts."todo.tvl.fyi" = {
|
|
serverName = "todo.tvl.fyi";
|
|
serverAliases = [ "todo.tvl.su" ];
|
|
root = depot.web.todolist;
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
extraConfig = ''
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
|
|
|
location ~* \.(webp|woff2)$ {
|
|
add_header Cache-Control "public, max-age=31536000";
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
}
|