diff options
| author | tv <tv@krebsco.de> | 2023-09-11 14:55:04 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2023-09-11 14:55:04 +0200 |
| commit | 8fc162ee3d9525a2b45346a1ca8f34ccb5ef971b (patch) | |
| tree | aa37724dd0452860d4b9b033332587c8832629e3 /lass/2configs/codimd.nix | |
| parent | 90b1515dcd5b67a85cd92901fb211764b1fa5f83 (diff) | |
| parent | 083229d0211096daec08673f743ccc45b1d8a0ac (diff) | |
Merge remote-tracking branch 'orange/master'
Diffstat (limited to 'lass/2configs/codimd.nix')
| -rw-r--r-- | lass/2configs/codimd.nix | 58 |
1 files changed, 0 insertions, 58 deletions
diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix deleted file mode 100644 index ccca49fac..000000000 --- a/lass/2configs/codimd.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, pkgs, lib, ... }: -with import <stockholm/lib>; -let - domain = "pad.lassul.us"; -in { - - # redirect legacy domain to new one - services.nginx.virtualHosts."codi.lassul.us" = { - enableACME = true; - addSSL = true; - locations."/".return = "301 https://${domain}\$request_uri"; - }; - - services.nginx.virtualHosts.${domain} = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "https://localhost:3091"; - proxyWebsockets = true; - }; - }; - - security.acme.certs.${domain}.group = "hedgecert"; - users.groups.hedgecert.members = [ "hedgedoc" "nginx" ]; - - security.dhparams = { - enable = true; - params.hedgedoc = {}; - }; - - systemd.services.hedgedoc.environment = { - CMD_COOKIE_POLICY = "none"; - CMD_CSP_ALLOW_FRAMING = "true"; - }; - services.hedgedoc = { - enable = true; - configuration.allowOrigin = [ domain ]; - settings = { - db = { - dialect = "sqlite"; - storage = "/var/lib/hedgedoc/db.hedgedoc.sqlite"; - }; - useCDN = false; - port = 3091; - domain = domain; - allowFreeURL = true; - - useSSL = true; - protocolUseSSL = true; - sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ]; - sslCertPath = "/var/lib/acme/${domain}/cert.pem"; - sslKeyPath = "/var/lib/acme/${domain}/key.pem"; - dhParamPath = config.security.dhparams.params.hedgedoc.path; - - }; - }; -} - |