X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Fdefault.nix;h=1d0c1d73cdd516b69efba74223d5687b5ec27f2c;hb=d06ed384dd59432aec0cf91b92442382c63421d3;hp=8c4380c84f0b4412077e7895a849ea2cb4e8b23e;hpb=ce493c5de8a950b683f6de64cda0b6a8459b87db;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index 8c4380c..1d0c1d7 100644
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -16,6 +16,23 @@ let
documentRoot = vhostConf.root;
extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
};
+ nosslVhost = {
+ listen = [ { ip = cfg.ip; port = 80; } ];
+ hostName = "nossl.immae.eu";
+ enableSSL = false;
+ logFormat = "combinedVhost";
+ documentRoot = ../../www;
+ extraConfig = ''
+
+ DirectoryIndex nossl.html
+ AllowOverride None
+ Require all granted
+
+ RewriteEngine on
+ RewriteRule ^/(.+) / [L]
+
+ '';
+ };
redirectVhost = { # Should go last, catchall http -> https redirect
listen = [ { ip = cfg.ip; port = 80; } ];
hostName = "redirectSSL";
@@ -51,6 +68,7 @@ let
extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
virtualHosts = [ fallbackVhost ]
+ ++ lib.optionals (name == "tools") [ nosslVhost ]
++ (pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs)
++ [ redirectVhost ];
};
@@ -274,6 +292,10 @@ in
ProxyPass /maintenance_immae.html !
AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${../../www}/googleb6d69446ff4ca3e5.html
+
+ AllowOverride None
+ Require all granted
+
'';
};
apaxy = {
@@ -387,6 +409,7 @@ in
phpPackage = pkgs.php;
phpOptions = ''
session.save_path = "/var/lib/php/sessions"
+ post_max_size = 20M
session.gc_maxlifetime = 60*60*24*15
session.cache_expire = 60*24*30
'';