Merge remote-tracking branch 'orange/master'

1 files changed, 20 insertions, 1 deletions

diff --git a/lass/1systems/neoprism/config.nix b/lass/1systems/neoprism/config.nix
index 7b402f8a6..79402959e 100644
--- a/lass/1systems/neoprism/config.nix
+++ b/lass/1systems/neoprism/config.nix
@@ -4,6 +4,9 @@
   imports = [
     <stockholm/lass>
     <stockholm/lass/2configs/retiolum.nix>
+    <stockholm/lass/2configs/mail/internet-gateway.nix>
+    <stockholm/lass/2configs/binary-cache/server.nix>
+    <stockholm/lass/2configs/matrix.nix>
     <stockholm/lass/2configs/gsm-wiki.nix>
 
     # sync-containers
@@ -26,7 +29,23 @@
   krebs.build.host = config.krebs.hosts.neoprism;
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
-  services.nginx.enable = true;
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "acme@lassul.us";
+  services.nginx = {
+    enable = true;
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedTlsSettings = true;
+
+    enableReload = true;
+
+    virtualHosts.default = {
+      default = true;
+      locations."= /etc/os-release".extraConfig = ''
+        default_type text/plain;
+        alias /etc/os-release;
+      '';
+      locations."~ ^/.well-known/acme-challenge/".root = "/var/lib/acme/acme-challenge";
+    };
+  };
 }