X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Fimmae%2Fproduction.nix;h=3d76b8611c77dd3626bd5aee4fe8c3a2c118b725;hb=6da0830ee38b68f3edc020792d446d166c0642a0;hp=12d6ddb413eb8d61b4fb869dfc8b4f0b26e16159;hpb=ab8f306d7c2c49b8116e1af7b355ed2384617ed9;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/websites/immae/production.nix b/modules/private/websites/immae/production.nix
index 12d6ddb..3d76b86 100644
--- a/modules/private/websites/immae/production.nix
+++ b/modules/private/websites/immae/production.nix
@@ -14,12 +14,25 @@ in {
services.websites.env.production.vhostConfs.immae = {
certName = "eldiron";
addToCerts = true;
- hosts = [ "www.immae.eu" ];
+ hosts = [ "www.immae.eu" "immae.eu" ];
root = varDir;
extraConfig = [
''
Use Stats www.immae.eu
+
+ Header always set Referrer-Policy "strict-origin-when-cross-origin"
+ Header always set Strict-Transport-Security "max-age=31536000"
+ RequestHeader set X-Forwarded-Proto "https"
+
+ RewriteRule ^(.*)$ https://mastodon.immae.eu%{REQUEST_URI} [QSA,L]
+
+
+ RewriteEngine On
+ RewriteCond "%{REQUEST_URI}" "!^/.well-known/(webfinger|host-meta)"
+ RewriteCond "%{HTTP_HOST}" "!^www\.immae\.eu$" [NC]
+ RewriteRule ^(.+)$ https://www.immae.eu$1 [R=302,L]
+
DirectoryIndex index.htm index.html
Options Indexes FollowSymLinks MultiViews Includes
@@ -46,6 +59,16 @@ in {
];
};
+ services.websites.env.production.vhostConfs.immaeFr = {
+ certName = "eldiron";
+ addToCerts = true;
+ hosts = [ "www.immae.fr" "immae.fr" ];
+ root = null;
+ extraConfig = [ ''
+ RedirectMatch 301 ^/((?!\.well-known.*$).*)$ https://www.immae.eu/chapeaux/
+ '' ];
+ };
+
services.websites.env.production.vhostConfs.bouya = {
certName = "eldiron";
addToCerts = true;