config/profiles/web/services/openspeedtest.nix
2023-03-16 22:29:24 +01:00

95 lines
3.5 KiB
Nix

{ config, pkgs, lib, mkDomain, ... }:
{
# OpenSpeedtTest
# Pure HTML5 Network Performance Estimation Tool
/** /
services.nginx.virtualHosts.${mkDomain "openspeedtest"} = let
cfg = config.services.nginx.virtualHosts.${mkDomain "openspeedtest"};
openspeedtest = pkgs.fetchFromGitHub rec {
name = "${owner}-unstable-2022-07-02";
owner = "openspeedtest";
repo = "Speed-Test";
#rev = "v${version}";
rev = "59eb7367ede5555f7516ebb8eeeb65245bc5a6e5";
sha256 = "yzvulzgBUri+sU9WxZrLKH/T+mlZu9G2zucv8t/fZdY=";
postFetch = ''
rm $out/README.md
rm $out/License.md
rm $out/.gitignore
rm $out/hosted.html
'';
};
in {
forceSSL = true; # addSSL = true;
enableACME = true; #useACMEHost = acmeDomain;
http2 = false;
root = "${openspeedtest}";
extraConfig = ''
#access_log off;
#error_log /dev/null; #Disable this for Windows Nginx.
#log_not_found off;
gzip off;
fastcgi_read_timeout 999;
server_tokens off;
tcp_nodelay on;
tcp_nopush on;
sendfile on;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
'';
locations."/".extraConfig = lib.mkIf false ''
if_modified_since off;
expires off;
etag off;
if ($request_method != OPTIONS ) {
add_header 'Access-Control-Allow-Origin' "*" always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
#Very Very Important! You SHOULD send no-store from server for Google Chrome.
add_header 'Cache-Control' 'no-store, no-cache, max-age=0, no-transform';
add_header 'Last-Modified' $date_gmt;
}
if ($request_method = OPTIONS ) {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With' always;
add_header 'Access-Control-Allow-Methods' "GET, POST, OPTIONS" always;
add_header 'Access-Control-Allow-Credentials' "true";
return 204;
}
'';
# IF and Only if you Enabled HTTP2 otherwise never enable the following
# HTTP2 will return 200 withot waiting for upload to complete. it's smart but we don't need that to happen here when testing upload speed on HTTP2.
locations."/upload.bin".extraConfig = ''
#proxy_set_header Host $host;
proxy_pass http://127.0.0.1:80/upload.bin;
'';
locations."~* ^.+\.(?:css|cur|js|jpe?g|gif|htc|ico|png|html|xml|otf|ttf|eot|woff|woff2|svg)$".extraConfig = lib.mkIf false ''
#access_log off;
expires 365d;
add_header 'Cache-Control' public;
add_header 'Vary' Accept-Encoding;
tcp_nodelay off;
open_file_cache max=3000 inactive=120s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
'';
};
/**/
}