X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=nixops%2Fmodules%2Fwebsites%2Fdefault.nix;h=1d0c1d73cdd516b69efba74223d5687b5ec27f2c;hb=d06ed384dd59432aec0cf91b92442382c63421d3;hp=8c4380c84f0b4412077e7895a849ea2cb4e8b23e;hpb=ce493c5de8a950b683f6de64cda0b6a8459b87db;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix index 8c4380c..1d0c1d7 100644 --- a/nixops/modules/websites/default.nix +++ b/nixops/modules/websites/default.nix @@ -16,6 +16,23 @@ let documentRoot = vhostConf.root; extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig; }; + nosslVhost = { + listen = [ { ip = cfg.ip; port = 80; } ]; + hostName = "nossl.immae.eu"; + enableSSL = false; + logFormat = "combinedVhost"; + documentRoot = ../../www; + extraConfig = '' + + DirectoryIndex nossl.html + AllowOverride None + Require all granted + + RewriteEngine on + RewriteRule ^/(.+) / [L] + + ''; + }; redirectVhost = { # Should go last, catchall http -> https redirect listen = [ { ip = cfg.ip; port = 80; } ]; hostName = "redirectSSL"; @@ -51,6 +68,7 @@ let extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules); extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig; virtualHosts = [ fallbackVhost ] + ++ lib.optionals (name == "tools") [ nosslVhost ] ++ (pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs) ++ [ redirectVhost ]; }; @@ -274,6 +292,10 @@ in ProxyPass /maintenance_immae.html ! AliasMatch "(.*)/googleb6d69446ff4ca3e5.html" ${../../www}/googleb6d69446ff4ca3e5.html + + AllowOverride None + Require all granted + ''; }; apaxy = { @@ -387,6 +409,7 @@ in phpPackage = pkgs.php; phpOptions = '' session.save_path = "/var/lib/php/sessions" + post_max_size = 20M session.gc_maxlifetime = 60*60*24*15 session.cache_expire = 60*24*30 '';