summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--custom/ymir-nginx.nix48
-rw-r--r--ymir.nix4
2 files changed, 14 insertions, 38 deletions
diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix
index f4430059..3511b35e 100644
--- a/custom/ymir-nginx.nix
+++ b/custom/ymir-nginx.nix
@@ -133,8 +133,6 @@ in {
133 ssl_certificate_key /var/lib/acme/yggdrasil.li/key.pem; 133 ssl_certificate_key /var/lib/acme/yggdrasil.li/key.pem;
134 134
135 server { 135 server {
136 listen *:80;
137 listen [::]:80;
138 listen *:443 ssl; 136 listen *:443 ssl;
139 listen [::]:443 ssl; 137 listen [::]:443 ssl;
140 server_name _; 138 server_name _;
@@ -152,6 +150,16 @@ in {
152 server { 150 server {
153 listen *:80; 151 listen *:80;
154 listen [::]:80; 152 listen [::]:80;
153 server_name _;
154
155 include ${acme};
156
157 location / {
158 return 301 https://$host$request_uri;
159 }
160 }
161
162 server {
155 listen *:443 ssl; 163 listen *:443 ssl;
156 listen [::]:443 ssl; 164 listen [::]:443 ssl;
157 server_name ~^(.*\.)?(f|files)\.(yggdrasil\.li|141\.li|praseodym\.org)$; 165 server_name ~^(.*\.)?(f|files)\.(yggdrasil\.li|141\.li|praseodym\.org)$;
@@ -163,8 +171,6 @@ in {
163 } 171 }
164 172
165 server { 173 server {
166 listen *:80;
167 listen [::]:80;
168 listen *:443 ssl; 174 listen *:443 ssl;
169 listen [::]:443 ssl; 175 listen [::]:443 ssl;
170 server_name ~^(.*\.)?(o|online)\.(yggdrasil\.li|141\.li|praseodym\.org)$; 176 server_name ~^(.*\.)?(o|online)\.(yggdrasil\.li|141\.li|praseodym\.org)$;
@@ -179,8 +185,6 @@ in {
179 } 185 }
180 186
181 server { 187 server {
182 listen *:80;
183 listen [::]:80;
184 listen *:443 ssl; 188 listen *:443 ssl;
185 listen [::]:443 ssl; 189 listen [::]:443 ssl;
186 server_name ~^(.*\.)?dirty-haskell\.org$; 190 server_name ~^(.*\.)?dirty-haskell\.org$;
@@ -192,9 +196,7 @@ in {
192 } 196 }
193 197
194 server { 198 server {
195 listen *:80;
196 listen *:443 ssl; 199 listen *:443 ssl;
197 listen [::]:80;
198 listen [::]:443 ssl; 200 listen [::]:443 ssl;
199 server_name ~^(.*\.)?git\.yggdrasil\.li$; 201 server_name ~^(.*\.)?git\.yggdrasil\.li$;
200 202
@@ -207,15 +209,13 @@ in {
207 209
208 location @cgit { 210 location @cgit {
209 include ${uwsgi_params}; 211 include ${uwsgi_params};
210 uwsgi_pass unix:/tmp/git.yggdrasil.li.sock; 212 uwsgi_pass unix:/run/git.yggdrasil.li.sock;
211 uwsgi_modifier1 9; 213 uwsgi_modifier1 9;
212 } 214 }
213 } 215 }
214 216
215 server { 217 server {
216 listen *:80;
217 listen *:443 ssl; 218 listen *:443 ssl;
218 listen [::]:80;
219 listen [::]:443 ssl; 219 listen [::]:443 ssl;
220 server_name ~^(.*\.)?git\.rheperire\.org$; 220 server_name ~^(.*\.)?git\.rheperire\.org$;
221 221
@@ -228,24 +228,12 @@ in {
228 228
229 location @cgit { 229 location @cgit {
230 include ${uwsgi_params}; 230 include ${uwsgi_params};
231 uwsgi_pass unix:/tmp/git.rheperire.org.sock; 231 uwsgi_pass unix:/run/git.rheperire.org.sock;
232 uwsgi_modifier1 9; 232 uwsgi_modifier1 9;
233 } 233 }
234 } 234 }
235 235
236 server { 236 server {
237 listen *:80;
238 listen [::]:80;
239 server_name ~^(.*\.)?odin\.(yggdrasil\.li|141\.li)$;
240
241 include ${acme};
242
243 location / {
244 return 301 https://$host$request_uri;
245 }
246 }
247
248 server {
249 listen *:443 ssl; 237 listen *:443 ssl;
250 listen [::]:443 ssl; 238 listen [::]:443 ssl;
251 server_name ~^(.*\.)?odin\.(yggdrasil\.li|141\.li)$; 239 server_name ~^(.*\.)?odin\.(yggdrasil\.li|141\.li)$;
@@ -260,18 +248,6 @@ in {
260 } 248 }
261 249
262 server { 250 server {
263 listen *:80;
264 listen [::]:80;
265 server_name ~^ftp\.(yggdrasil\.li|141\.li|praseodym\.org)$;
266
267 include ${acme};
268
269 location / {
270 return 301 https://$host$request_uri;
271 }
272 }
273
274 server {
275 listen *:443 ssl; 251 listen *:443 ssl;
276 listen [::]:443 ssl; 252 listen [::]:443 ssl;
277 253
diff --git a/ymir.nix b/ymir.nix
index d4a2fb3b..216a3a07 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -297,7 +297,7 @@ in rec {
297 env = [ 297 env = [
298 "CGIT_CONFIG=/etc/cgit/git.yggdrasil.li" 298 "CGIT_CONFIG=/etc/cgit/git.yggdrasil.li"
299 ]; 299 ];
300 socket = "/tmp/git.yggdrasil.li.sock"; 300 socket = "/run/git.yggdrasil.li.sock";
301 chmod-socket = "660"; 301 chmod-socket = "660";
302 chown-socket = "uwsgi:nginx"; 302 chown-socket = "uwsgi:nginx";
303 uid = "uwsgi"; gid = "uwsgi"; 303 uid = "uwsgi"; gid = "uwsgi";
@@ -311,7 +311,7 @@ in rec {
311 env = [ 311 env = [
312 "CGIT_CONFIG=/etc/cgit/git.rheperire.org" 312 "CGIT_CONFIG=/etc/cgit/git.rheperire.org"
313 ]; 313 ];
314 socket = "/tmp/git.rheperire.org.sock"; 314 socket = "/run/git.rheperire.org.sock";
315 chmod-socket = "660"; 315 chmod-socket = "660";
316 chown-socket = "uwsgi:nginx"; 316 chown-socket = "uwsgi:nginx";
317 uid = "uwsgi"; gid = "uwsgi"; 317 uid = "uwsgi"; gid = "uwsgi";