30 lines
757 B
Nix
30 lines
757 B
Nix
{ config, pkgs, lib, ... }:
|
|
let
|
|
searchdir = "/var/www/search";
|
|
in {
|
|
|
|
users.users.stork = {
|
|
group = "stork";
|
|
isNormalUser = true;
|
|
home = searchdir;
|
|
createHome = false;
|
|
openssh.authorizedKeys.keys = [
|
|
# GitHub deploy search (bgt_github_deploy.pub)
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrj6cLVxv6LR0INj2OL/EVdEFMZSk0fOc0pCeXVTirz hi@l33t.name"
|
|
];
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [ "d ${searchdir} 0770 stork nginx - -" ];
|
|
|
|
# savarcast is behind traefik, do not configure tls
|
|
services.nginx.virtualHosts."search.binaergewitter.de" = {
|
|
locations."/" = {
|
|
extraConfig = ''
|
|
add_header Access-Control-Allow-Origin *;
|
|
'';
|
|
root = "/var/www/search/";
|
|
tryFiles = "/bgt.st =404";
|
|
};
|
|
};
|
|
}
|