summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--custom/ymir.nginx62
-rw-r--r--ymir.nix63
2 files changed, 63 insertions, 62 deletions
diff --git a/custom/ymir.nginx b/custom/ymir.nginx
new file mode 100644
index 00000000..1fb0afcb
--- /dev/null
+++ b/custom/ymir.nginx
@@ -0,0 +1,62 @@
1default_type application/octet-stream;
2
3log_format main
4 '$remote_addr - $remote_user [$time_local] '
5 '"$request" $status $bytes_sent '
6 '"$http_referer" "$http_user_agent" '
7 '"$gzip_ratio"';
8
9client_header_timeout 10m;
10client_body_timeout 10m;
11send_timeout 10m;
12
13connection_pool_size 256;
14client_header_buffer_size 1k;
15large_client_header_buffers 4 2k;
16request_pool_size 4k;
17
18gzip on;
19gzip_min_length 1100;
20gzip_buffers 4 8k;
21gzip_types text/plain;
22
23output_buffers 1 32k;
24postpone_output 1460;
25
26sendfile on;
27tcp_nopush on;
28tcp_nodelay on;
29
30keepalive_timeout 75 20;
31
32ignore_invalid_headers on;
33
34server {
35 listen *:80;
36 listen [::]:80;
37 server_name dirty-haskell.org www.dirty-haskell.org;
38
39 root /srv/www/dirty-haskell.org;
40}
41
42server {
43 listen *:443 ssl;
44 listen [::]:443 ssl;
45 server_name dirty-haskell.org;
46
47 ssl_certificate /etc/nginx/ssl/dirty-haskell.org/fullchain.pem;
48 ssl_certificate_key /etc/nginx/ssl/dirty-haskell.org/privkey.pem;
49
50 root /srv/www/dirty-haskell.org;
51}
52
53server {
54 listen *:443 ssl;
55 listen [::]:443 ssl;
56 server_name www.dirty-haskell.org;
57
58 ssl_certificate /etc/nginx/ssl/www.dirty-haskell.org/fullchain.pem;
59 ssl_certificate_key /etc/nginx/ssl/www.dirty-haskell.org/privkey.pem;
60
61 root /srv/www/dirty-haskell.org;
62}
diff --git a/ymir.nix b/ymir.nix
index 52b6e476..808b11bb 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -167,67 +167,6 @@ in {
167 167
168 services.nginx = { 168 services.nginx = {
169 enable = true; 169 enable = true;
170 httpConfig = '' 170 httpConfig = builtins.readFile ./custom/ymir.nginx;
171 default_type application/octet-stream;
172
173 log_format main
174 '$remote_addr - $remote_user [$time_local] '
175 '"$request" $status $bytes_sent '
176 '"$http_referer" "$http_user_agent" '
177 '"$gzip_ratio"';
178
179 client_header_timeout 10m;
180 client_body_timeout 10m;
181 send_timeout 10m;
182
183 connection_pool_size 256;
184 client_header_buffer_size 1k;
185 large_client_header_buffers 4 2k;
186 request_pool_size 4k;
187
188 gzip on;
189 gzip_min_length 1100;
190 gzip_buffers 4 8k;
191 gzip_types text/plain;
192
193 output_buffers 1 32k;
194 postpone_output 1460;
195
196 sendfile on;
197 tcp_nopush on;
198 tcp_nodelay on;
199
200 keepalive_timeout 75 20;
201
202 ignore_invalid_headers on;
203
204 server {
205 listen *:80;
206 listen [::]:80;
207 server_name dirty-haskell.org www.dirty-haskell.org;
208
209 root /srv/www/dirty-haskell.org;
210 }
211 server {
212 listen *:443 ssl;
213 listen [::]:443 ssl;
214 server_name dirty-haskell.org;
215
216 ssl_certificate /etc/nginx/ssl/dirty-haskell.org/fullchain.pem;
217 ssl_certificate_key /etc/nginx/ssl/dirty-haskell.org/privkey.pem;
218
219 root /srv/www/dirty-haskell.org;
220 }
221 server {
222 listen *:443 ssl;
223 listen [::]:443 ssl;
224 server_name www.dirty-haskell.org;
225
226 ssl_certificate /etc/nginx/ssl/www.dirty-haskell.org/fullchain.pem;
227 ssl_certificate_key /etc/nginx/ssl/www.dirty-haskell.org/privkey.pem;
228
229 root /srv/www/dirty-haskell.org;
230 }
231 '';
232 }; 171 };
233} 172}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 18:20:10 +0000