add server

2026-02-16 23:34:42 +04:00 · 2025-01-26 19:33:07 +04:00 · 2025-01-26 19:33:07 +04:00 · 95f65d9c03
commit 95f65d9c03
parent 284b131058
18 changed files with 358 additions and 112 deletions
--- a/nix/server/nginx.nix
+++ b/nix/server/nginx.nix
@ -0,0 +1,38 @@
+{ config
+, pkgs
+, lib
+, ...
+}:
+let
+	cfg = config.kp2pml30.server;
+in lib.mkIf cfg.nginx {
+	security.acme = {
+		acceptTerms = true;
+		defaults.email = "kp2pml30@gmail.com";
+		certs."${cfg.hostname}" = {
+			serverAliases = [ "*.${cfg.hostname}" ];
+			webroot = "/var/lib/acme/.challenges";
+			group = "nginx";
+		};
+	};
+
+	services.nginx = {
+		enable = true;
+
+		virtualHosts."${cfg.hostname}" = {
+			addSSL = true;
+			enableACME = true;
+			listen = [
+				{ port = 80; }
+			];
+			locations."/.well-known/acme-challenge/" = {
+				root = "/var/lib/acme/.challenges";
+			};
+			locations."/" = {
+				return = 404;
+			};
+		};
+
+		streamConfig = (builtins.readFile ./stream.nginx);
+	};
+}