nixos-configs/nixosConfigurations/vinzenz-lpt2/nginx.nix

{ pkgs, ... }:
let
  blog-domain-socket = "/run/nginx/blog.sock";
  anubis-domain-socket = "/run/anubis/anubis-blog.sock";
in
{
  users.groups = {
    anubis.members = [ "nginx" ];
    nginx.members = [ "anubis" ];
  };
  services = {
    nginx = {
      enable = true;

      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      recommendedGzipSettings = true;
      recommendedOptimisation = true;

      virtualHosts = {
        #"vinzenz-lpt2" = {
        #  locations."/" = {
        #    proxyPass = "http://127.0.0.1:3000/";
        #    proxyWebsockets = true;
        #  };
        #
        #  serverAliases = [ "172.23.42.96" ];
        #};

        "vinzenz-lpt2" = {
          locations."/" = {
            proxyPass = "http://unix:" + anubis-domain-socket;
          };
        };

        "vinzenz-lpt2-in-anubis" = {
          root = pkgs.zerforschen-plus-content;
          listen = [
            {
              addr = "unix:" + blog-domain-socket;
            }
          ];
        };
      };
    };

    #networking.firewall = {
    #  allowedTCPPorts = [
    #    80
    #    8001
    #    3000
    #  ];
    #  allowedUDPPorts = [ 2342 ];
    #};

    anubis = {
      instances.main = {
        enable = true;
        settings = {
          BIND = anubis-domain-socket;
          TARGET = "unix://" + blog-domain-socket;
        };
      };
    };
  };
}
remove inputs from specialArgs 2025-09-13 15:10:42 +02:00			`{ pkgs, ... }:`
anubis test 2025-09-06 20:28:38 +02:00			`let`
			`blog-domain-socket = "/run/nginx/blog.sock";`
			`anubis-domain-socket = "/run/anubis/anubis-blog.sock";`
			`in`
			`{`
			`users.groups = {`
			`anubis.members = [ "nginx" ];`
			`nginx.members = [ "anubis" ];`
			`};`
			`services = {`
			`nginx = {`
			`enable = true;`

			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
split up files more 2024-10-26 18:15:50 +02:00
anubis test 2025-09-06 20:28:38 +02:00			`virtualHosts = {`
			`#"vinzenz-lpt2" = {`
			`# locations."/" = {`
			`# proxyPass = "http://127.0.0.1:3000/";`
			`# proxyWebsockets = true;`
			`# };`
			`#`
			`# serverAliases = [ "172.23.42.96" ];`
			`#};`
split up files more 2024-10-26 18:15:50 +02:00
anubis test 2025-09-06 20:28:38 +02:00			`"vinzenz-lpt2" = {`
			`locations."/" = {`
lint checks, formatting, update statix url 2025-09-15 19:40:49 +02:00			`proxyPass = "http://unix:" + anubis-domain-socket;`
anubis test 2025-09-06 20:28:38 +02:00			`};`
split up files more 2024-10-26 18:15:50 +02:00			`};`

anubis test 2025-09-06 20:28:38 +02:00			`"vinzenz-lpt2-in-anubis" = {`
remove inputs from specialArgs 2025-09-13 15:10:42 +02:00			`root = pkgs.zerforschen-plus-content;`
anubis test 2025-09-06 20:28:38 +02:00			`listen = [`
			`{`
lint checks, formatting, update statix url 2025-09-15 19:40:49 +02:00			`addr = "unix:" + blog-domain-socket;`
anubis test 2025-09-06 20:28:38 +02:00			`}`
			`];`
			`};`
split up files more 2024-10-26 18:15:50 +02:00			`};`
			`};`

anubis test 2025-09-06 20:28:38 +02:00			`#networking.firewall = {`
			`# allowedTCPPorts = [`
			`# 80`
			`# 8001`
			`# 3000`
			`# ];`
			`# allowedUDPPorts = [ 2342 ];`
			`#};`

			`anubis = {`
			`instances.main = {`
			`enable = true;`
			`settings = {`
			`BIND = anubis-domain-socket;`
			`TARGET = "unix://" + blog-domain-socket;`
			`};`
			`};`
			`};`
split up files more 2024-10-26 18:15:50 +02:00			`};`
			`}`