WIP
Eval nix flake / evals (push) Successful in 2m40s Details

This commit is contained in:
Oystein Kristoffer Tveit 2023-11-05 01:41:45 +01:00
parent 3caa66fb64
commit 24939d84a5
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
3 changed files with 163 additions and 1 deletions

View File

@ -10,7 +10,7 @@
# TODO: set up authentication for the following:
# ./services/website.nix
./services/nginx.nix
./services/nginx
./services/gitea/default.nix
# ./services/mediawiki.nix
];

View File

@ -0,0 +1,22 @@
{ pkgs, config, ... }:
{
imports = [
./ingress.nix
];
security.acme = {
acceptTerms = true;
defaults.email = "drift@pvv.ntnu.no";
};
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

View File

@ -0,0 +1,140 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts = {
"www2.pvv.ntnu.no" = {
serverAliases = [ "www2.pvv.org" ];
locations = {
# "^/$".return = "301 http://www.pvv.ntnu.no/pvv/";
"^/$".return = "301 http://www.pvv.ntnu.no/";
"^/disk/".return = "301 http://www.pvv.ntnu.no/pvv/Diskkjøp";
"^/dok/boker.php".return = "301 http://www.pvv.ntnu.no/pvv/Bokhyllen";
"^/styret/$".return = "301 http://www.pvv.ntnu.no/pvv/Styret";
"^/styret/lover/".return = "301 http://www.pvv.ntnu.no/pvv/Lover";
"^/info/$".return = "301 http://www.pvv.ntnu.no/pvv/";
"^/info/maskinpark/$".return = "301 http://www.pvv.ntnu.no/pvv/Maskiner";
"^/medlemssider/meldinn.php".return = "301 http://www.pvv.ntnu.no/pvv/Medlemskontingent";
"^/diverse/medlems-sider.php".return = "301 http://www.pvv.ntnu.no/pvv/Medlemssider";
"^/cert/$".return = "301 http://www.pvv.ntnu.no/pvv/CERT";
"^/drift".return = "301 http://www.pvv.ntnu.no/pvv/Drift";
"^/diverse/abuse.php".return = "301 http://www.pvv.ntnu.no/pvv/CERT/Abuse";
"^/nerds/".return = "301 http://www.pvv.ntnu.no/pvv/Nerdepizza";
"/webmail".return = "301 https://webmail.pvv.ntnu.no/squirrelmail";
};
extraConfig = ''
rewrite ^/(~.*) http://tom.pvv.ntnu.no/$1 permanent;
'';
};
};
}
## Om denne er "none" gjør det at apache ikke gidder å åpne .htaccess-filer. Det
## er veldig greit om man ikke vil at den skal automounte /home/pvv/.htaccess,
## for å ta et tilfeldig eksempel ;-)
#<Directory />
# AllowOverride none
#</Directory>
#<Directory /var/www/pvv>
# Options Indexes FollowSymLinks
# AllowOverride All
# Order allow,deny
# Allow from all
# AddDefaultCharset iso-8859-1
#</Directory>
#<Directory />
# Options FollowSymLinks
# AllowOverride None
#</Directory>
#<Directory /var/www/wiki.pvv.ntnu.no>
# Options FollowSymLinks SymLinksIfOwnerMatch
# AllowOverride None
# Order allow,deny
# Allow from all
#</Directory>
#Alias /pvv "/var/www/wiki.pvv.ntnu.no/w/index.php"
#Alias /w /var/www/wiki.pvv.ntnu.no/w
#Alias /moin-static/ "/usr/share/moin/htdocs/"
#ScriptAlias /gammel "/usr/share/moin/server/moin.cgi"
## :80 defineres av debians default ports.conf, men ikke :443
##NameVirtualHost *:80
#NameVirtualHost *:443
#<VirtualHost *:80>
# ServerName www.pvv.ntnu.no
# ServerAlias www.pvv.org
# ServerAdmin drift@pvv.ntnu.no
# DocumentRoot /var/www/pvv
# RedirectPermanent /webmail https://webmail.pvv.ntnu.no/squirrelmail
# RewriteEngine on
# RewriteRule ^/(~.*) http://tom.pvv.ntnu.no/$1 [P]
# ProxyPreserveHost on
#</VirtualHost>
#<VirtualHost *:443>
# ServerName www.pvv.ntnu.no
# ServerAlias www.pvv.org
# ServerAdmin drift@pvv.ntnu.no
# DocumentRoot /var/www/pvv
# SSLEngine on
# SSLProxyEngine on
# SSLCertificateFile /etc/apache2/certs/www.pvv.ntnu.no.new.crt
# SSLCertificateKeyFile /etc/apache2/certs/www.pvv.ntnu.no.new.key
# SSLCertificateChainFile /etc/apache2/certs/www.pvv.ntnu.no_chain.new.crt
## SSLCertificateChainFile /etc/apache2/certs/DigiCertCA.crt
# SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
## SSLProxyVerify none
## SSLProxyCheckPeerCN off
## SSLProxyCheckPeerName off
# SSLProxyCheckPeerExpire off
# RedirectPermanent /webmail https://webmail.pvv.ntnu.no/squirrelmail
# RewriteEngine on
# RewriteRule ^/(~.*) https://tom.pvv.ntnu.no/$1 [P]
# ProxyPreserveHost on
#</VirtualHost>
## Redirects for gamle wiki.pvv.ntnu.no
#<VirtualHost *:80>
# ServerAdmin drift@pvv.org
# ServerName wiki.pvv.ntnu.no
# ServerAlias wiki.pvv.org
# DocumentRoot /var/www/pvv
# RedirectPermanent / http://www.pvv.ntnu.no/
# LogLevel warn
# CustomLog /var/log/apache2/wiki.log combined
# ErrorLog /var/log/apache2/error.log
#</VirtualHost>
#<VirtualHost *:443>
# ServerAdmin drift@pvv.org
# ServerName wiki.pvv.ntnu.no
# ServerAlias wiki.pvv.org
# DocumentRoot /var/www/pvv
# RedirectPermanent / https://www.pvv.ntnu.no/
# SSLEngine on
# SSLProxyEngine on
# SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
# SSLCertificateFile /etc/apache2/certs/www.pvv.ntnu.no.crt
# SSLCertificateKeyFile /etc/apache2/certs/www.pvv.ntnu.no.key
# SSLCertificateChainFile /etc/apache2/certs/www.pvv.ntnu.no_chain.crt
#</VirtualHost>