documentRoot = vhostConf.root;
extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
};
+ nosslVhost = {
+ listen = [ { ip = cfg.ip; port = 80; } ];
+ hostName = "nossl.immae.eu";
+ enableSSL = false;
+ logFormat = "combinedVhost";
+ documentRoot = ../../www;
+ extraConfig = ''
+ <Directory ${../../www}>
+ DirectoryIndex nossl.html
+ AllowOverride None
+ Require all granted
+
+ RewriteEngine on
+ RewriteRule ^/(.+) / [L]
+ </Directory>
+ '';
+ };
redirectVhost = { # Should go last, catchall http -> https redirect
listen = [ { ip = cfg.ip; port = 80; } ];
hostName = "redirectSSL";
extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
virtualHosts = [ fallbackVhost ]
+ ++ lib.optionals (name == "tools") [ nosslVhost ]
++ (pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs)
++ [ redirectVhost ];
};
./tools/mediagoblin
./tools/diaspora
./tools/ether
+ ./tools/peertube
# built using:
# sed -e "s/services\.httpd/services\.httpdProd/g" .nix-defexpr/channels/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix
# Removed allGranted
services.myWebsites.tools.mediagoblin.enable = true;
services.myWebsites.tools.diaspora.enable = true;
services.myWebsites.tools.etherpad-lite.enable = true;
+ services.myWebsites.tools.peertube.enable = true;
services.myWebsites.Chloe.production.enable = cfg.production.enable;
services.myWebsites.Ludivine.production.enable = cfg.production.enable;
ProxyPass /maintenance_immae.html !
AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${../../www}/googleb6d69446ff4ca3e5.html
+ <Directory ${../../www}>
+ AllowOverride None
+ Require all granted
+ </Directory>
'';
};
apaxy = {
phpPackage = pkgs.php;
phpOptions = ''
session.save_path = "/var/lib/php/sessions"
+ post_max_size = 20M
session.gc_maxlifetime = 60*60*24*15
session.cache_expire = 60*24*30
'';
projects / perso / Immae / Config / Nix.git / blobdiff