From 5dc3c977f1e2b48e6d898ccb753227ba1e36b3d0 Mon Sep 17 00:00:00 2001 From: Joshua Potter Date: Fri, 12 Apr 2024 14:10:56 -0600 Subject: [PATCH] Turn on nginx recommended settings. Bump reconn. --- services/blog.nix | 17 ++++++++++++----- services/boardwise/default.nix | 20 +++++++++++++------- services/bookshelf.nix | 17 ++++++++++++----- services/forgejo.nix | 18 ++++++++++++------ services/notebook.nix | 19 +++++++++++++------ services/portfolio.nix | 19 +++++++++++++------ services/reconn/default.nix | 23 +++++++++++++++-------- 7 files changed, 90 insertions(+), 43 deletions(-) diff --git a/services/blog.nix b/services/blog.nix index d05e1c3..bda9574 100644 --- a/services/blog.nix +++ b/services/blog.nix @@ -4,11 +4,18 @@ let "github:jrpotter/blog/457bfd6c521d5d8eeb41deb7d5d6a925fd55dda9"; in { - services.nginx.virtualHosts."blog.jrpotter.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = blog.packages.${system}.app; + services.nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."blog.jrpotter.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = blog.packages.${system}.app; + }; }; }; } diff --git a/services/boardwise/default.nix b/services/boardwise/default.nix index 9b77c81..5867bdc 100644 --- a/services/boardwise/default.nix +++ b/services/boardwise/default.nix @@ -9,13 +9,19 @@ let in { services = { - nginx.virtualHosts."www.boardwise.gg" = { - forceSSL = true; - enableACME = true; - serverAliases = [ "boardwise.gg" ]; - locations."/" = { - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:4000"; + nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."www.boardwise.gg" = { + forceSSL = true; + enableACME = true; + serverAliases = [ "boardwise.gg" ]; + locations."/" = { + proxyPass = "http://127.0.0.1:4000"; + }; }; }; postgresql = { diff --git a/services/bookshelf.nix b/services/bookshelf.nix index 066f72e..80612c4 100644 --- a/services/bookshelf.nix +++ b/services/bookshelf.nix @@ -4,11 +4,18 @@ let "github:jrpotter/bookshelf/bf9888c050b7a62f58be0198af19a6de7c40b375"; in { - services.nginx.virtualHosts."bookshelf.jrpotter.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = bookshelf.packages.${system}.app; + services.nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."bookshelf.jrpotter.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = bookshelf.packages.${system}.app; + }; }; }; } diff --git a/services/forgejo.nix b/services/forgejo.nix index c7a4e41..26e9d2a 100644 --- a/services/forgejo.nix +++ b/services/forgejo.nix @@ -41,12 +41,18 @@ }; }; }; - nginx.virtualHosts."git.jrpotter.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:3000"; + nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."git.jrpotter.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000"; + }; }; }; }; diff --git a/services/notebook.nix b/services/notebook.nix index b5cc753..db2541b 100644 --- a/services/notebook.nix +++ b/services/notebook.nix @@ -4,12 +4,19 @@ let "github:jrpotter/notebook/79b715a64c703279f593cad08775b0d73400a19b"; in { - services.nginx.virtualHosts."notebook.jrpotter.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = "${notebook.packages.${system}.app}/share"; - tryFiles = "$uri $uri.html $uri/ =404"; + services.nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."notebook.jrpotter.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = "${notebook.packages.${system}.app}/share"; + tryFiles = "$uri $uri.html $uri/ =404"; + }; }; }; } diff --git a/services/portfolio.nix b/services/portfolio.nix index b34a935..218356d 100644 --- a/services/portfolio.nix +++ b/services/portfolio.nix @@ -4,12 +4,19 @@ let "github:jrpotter/portfolio/eca5e764f26faaa64f6966dbf3970b86eaaf2195"; in { - services.nginx.virtualHosts."www.jrpotter.com" = { - forceSSL = true; - enableACME = true; - serverAliases = [ "jrpotter.com" ]; - locations."/" = { - root = portfolio.packages.${system}.app; + services.nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."www.jrpotter.com" = { + forceSSL = true; + enableACME = true; + serverAliases = [ "jrpotter.com" ]; + locations."/" = { + root = portfolio.packages.${system}.app; + }; }; }; } diff --git a/services/reconn/default.nix b/services/reconn/default.nix index 69e404e..40200b7 100644 --- a/services/reconn/default.nix +++ b/services/reconn/default.nix @@ -1,18 +1,25 @@ { system, pkgs, lib, ... }: let reconn = ( - builtins.getFlake "git+ssh://forgejo@git.jrpotter.com/r/reconn?rev=74cb0be878441c4eafcfd2b2c2c926fe87ea8a30" + builtins.getFlake "git+ssh://forgejo@git.jrpotter.com/r/reconn?rev=0657541aa62f9b7a672c239f92eb3b410a3dd1ce" ).packages.${system}.app; in { services = { - nginx.virtualHosts."www.hideandseek.live" = { - forceSSL = true; - enableACME = true; - serverAliases = [ "hideandseek.live" ]; - locations."/" = { - recommendedProxySettings = true; - proxyPass = "http://127.0.0.1:4000"; + nginx = { + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."www.hideandseek.live" = { + forceSSL = true; + enableACME = true; + serverAliases = [ "hideandseek.live" ]; + locations."/" = { + proxyPass = "http://127.0.0.1:4000"; + proxyWebsockets = true; + }; }; }; postgresql = {