From 7ded62d180b68a3a2d6a8eed52173d29342cc1c9 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 30 Dec 2020 11:43:56 +0100 Subject: git.ymir --- custom/ymir-nginx.nix | 48 ++++++++++++------------------------------------ ymir.nix | 4 ++-- 2 files changed, 14 insertions(+), 38 deletions(-) diff --git a/custom/ymir-nginx.nix b/custom/ymir-nginx.nix index f4430059..3511b35e 100644 --- a/custom/ymir-nginx.nix +++ b/custom/ymir-nginx.nix @@ -133,8 +133,6 @@ in { ssl_certificate_key /var/lib/acme/yggdrasil.li/key.pem; server { - listen *:80; - listen [::]:80; listen *:443 ssl; listen [::]:443 ssl; server_name _; @@ -152,6 +150,16 @@ in { server { listen *:80; listen [::]:80; + server_name _; + + include ${acme}; + + location / { + return 301 https://$host$request_uri; + } + } + + server { listen *:443 ssl; listen [::]:443 ssl; server_name ~^(.*\.)?(f|files)\.(yggdrasil\.li|141\.li|praseodym\.org)$; @@ -163,8 +171,6 @@ in { } server { - listen *:80; - listen [::]:80; listen *:443 ssl; listen [::]:443 ssl; server_name ~^(.*\.)?(o|online)\.(yggdrasil\.li|141\.li|praseodym\.org)$; @@ -179,8 +185,6 @@ in { } server { - listen *:80; - listen [::]:80; listen *:443 ssl; listen [::]:443 ssl; server_name ~^(.*\.)?dirty-haskell\.org$; @@ -192,9 +196,7 @@ in { } server { - listen *:80; listen *:443 ssl; - listen [::]:80; listen [::]:443 ssl; server_name ~^(.*\.)?git\.yggdrasil\.li$; @@ -207,15 +209,13 @@ in { location @cgit { include ${uwsgi_params}; - uwsgi_pass unix:/tmp/git.yggdrasil.li.sock; + uwsgi_pass unix:/run/git.yggdrasil.li.sock; uwsgi_modifier1 9; } } server { - listen *:80; listen *:443 ssl; - listen [::]:80; listen [::]:443 ssl; server_name ~^(.*\.)?git\.rheperire\.org$; @@ -228,23 +228,11 @@ in { location @cgit { include ${uwsgi_params}; - uwsgi_pass unix:/tmp/git.rheperire.org.sock; + uwsgi_pass unix:/run/git.rheperire.org.sock; uwsgi_modifier1 9; } } - server { - listen *:80; - listen [::]:80; - server_name ~^(.*\.)?odin\.(yggdrasil\.li|141\.li)$; - - include ${acme}; - - location / { - return 301 https://$host$request_uri; - } - } - server { listen *:443 ssl; listen [::]:443 ssl; @@ -259,18 +247,6 @@ in { } } - server { - listen *:80; - listen [::]:80; - server_name ~^ftp\.(yggdrasil\.li|141\.li|praseodym\.org)$; - - include ${acme}; - - location / { - return 301 https://$host$request_uri; - } - } - server { listen *:443 ssl; listen [::]:443 ssl; diff --git a/ymir.nix b/ymir.nix index d4a2fb3b..216a3a07 100644 --- a/ymir.nix +++ b/ymir.nix @@ -297,7 +297,7 @@ in rec { env = [ "CGIT_CONFIG=/etc/cgit/git.yggdrasil.li" ]; - socket = "/tmp/git.yggdrasil.li.sock"; + socket = "/run/git.yggdrasil.li.sock"; chmod-socket = "660"; chown-socket = "uwsgi:nginx"; uid = "uwsgi"; gid = "uwsgi"; @@ -311,7 +311,7 @@ in rec { env = [ "CGIT_CONFIG=/etc/cgit/git.rheperire.org" ]; - socket = "/tmp/git.rheperire.org.sock"; + socket = "/run/git.rheperire.org.sock"; chmod-socket = "660"; chown-socket = "uwsgi:nginx"; uid = "uwsgi"; gid = "uwsgi"; -- cgit v1.2.3