e1fbf03dff
Note: not the actual initial commit. I swear I will stop repeatedly force pushing to this single commit eventually ok.
39 lines
747 B
Nix
39 lines
747 B
Nix
{ config, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./forgejo.nix
|
|
|
|
./sync
|
|
];
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"eriedaberrie.me" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
acmeRoot = null;
|
|
serverAliases = [ "www.eriedaberrie.me" ];
|
|
locations."/".proxyPass = "http://127.0.0.1:8080/";
|
|
};
|
|
};
|
|
};
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "eriedaberrie@gmail.com";
|
|
certs = {
|
|
"eriedaberrie.me" = {
|
|
dnsProvider = "porkbun";
|
|
credentialsFile = config.age.secrets.porkbun-auth.path;
|
|
extraDomainNames = [
|
|
"www.eriedaberrie.me"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|