cluster/containers/website.nix

84 lines
2 KiB
Nix
Raw Permalink Normal View History

{ nglib, website, nixpkgs }:
nglib.makeSystem {
system = "x86_64-linux";
name = "nixng-website";
inherit nixpkgs;
config = ({ pkgs, options, ... }: {
dumb-init = {
enable = true;
type.services = {};
};
init.services.apache2 = {
ensureSomething.link."documentRoot" = {
src = "${website."x86_64-linux"}/redalder";
dst = "/var/www";
};
shutdownOnExit = true;
};
services.apache2 = {
enable = true;
configuration = [
{
LoadModule = [
[ "mpm_event_module" "modules/mod_mpm_event.so" ]
[ "log_config_module" "modules/mod_log_config.so" ]
[ "unixd_module" "modules/mod_unixd.so" ]
[ "authz_core_module" "modules/mod_authz_core.so" ]
[ "dir_module" "modules/mod_dir.so" ]
[ "mime_module" "modules/mod_mime.so" ]
];
}
{
Listen = "0.0.0.0:80";
ServerRoot = "/var/www";
ServerName = "blowhole";
PidFile = "/httpd.pid";
User = "www-data";
Group = "www-data";
DocumentRoot = "/var/www";
}
{
ErrorLog = "/dev/stderr";
TransferLog = "/dev/stdout";
LogLevel = "info";
}
{
AddType = [
[ "image/svg+xml" "svg" "svgz" ]
];
AddEncoding = [ "gzip" "svgz" ];
TypesConfig = "${pkgs.apacheHttpd}/conf/mime.types";
}
{
Directory = {
"/" = {
Require = [ "all" "denied" ];
Options = "SymlinksIfOwnerMatch";
};
};
VirtualHost = {
"*:80" = {
Directory = {
"/var/www" = {
Require = [ "all" "granted" ];
Options = [ "-Indexes" "+FollowSymlinks" ];
DirectoryIndex = "index.html";
};
};
};
};
}
];
};
});
}