61 lines
1.4 KiB
Nix
61 lines
1.4 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
inherit (lib) mkEnableOption mkIf mkOption;
|
|
inherit (lib.types) attrs;
|
|
|
|
cfg = config.ataraxia.services.nginx;
|
|
in
|
|
{
|
|
options.ataraxia.services.nginx = {
|
|
enable = mkEnableOption "Enable nginx service";
|
|
defaultSettings = mkOption {
|
|
type = attrs;
|
|
default = { };
|
|
description = ''
|
|
Default settings to append to virtualHosts. Does not apllied automatically.
|
|
Usage example: `your-host = recursiveUpdate defaultSettings { };`
|
|
'';
|
|
};
|
|
# extraConfig = mkOption {
|
|
# type = str;
|
|
# default = "";
|
|
# description = ''
|
|
# Default settings to append to extraConfig of virtual host's location. Does not apllied automatically.
|
|
# Usage example: `extraConfig = recursiveUpdate extraConfig "";`
|
|
# '';
|
|
# };
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
services.nginx = {
|
|
enable = true;
|
|
package = pkgs.nginxQuic;
|
|
recommendedBrotliSettings = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
recommendedUwsgiSettings = true;
|
|
recommendedZstdSettings = true;
|
|
clientMaxBodySize = "250m";
|
|
commonHttpConfig = ''
|
|
proxy_hide_header X-Frame-Options;
|
|
'';
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
networking.firewall.allowedUDPPorts = [
|
|
80
|
|
443
|
|
];
|
|
};
|
|
}
|