Matthew Binning
5b25211618
Added staging.nginx.nix modeled on prod.nginx.nix, configuring nginx as a local staging server. Updated deploy.sh to target either staging or prod over SSH. Consolidated shared configuration between the two nginx nix files and between the staging and prod deploy paths in deploy.sh.
56 lines
1.4 KiB
Nix
56 lines
1.4 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
{
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
# Recommended settings
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
|
|
# Virtual hosts configuration for local staging
|
|
virtualHosts = {
|
|
|
|
# Main website - Static HTML/CSS
|
|
# Access via http://localhost or http://localhost:80
|
|
"localhost" = {
|
|
# No SSL for local development
|
|
listen = [
|
|
{ addr = "127.0.0.1"; port = 80; }
|
|
{ addr = "0.0.0.0"; port = 80; }
|
|
];
|
|
|
|
root = "/srv/www/stage.binning.net";
|
|
|
|
locations."/" = {
|
|
index = "index.html";
|
|
tryFiles = "$uri $uri/ =404";
|
|
extraConfig = ''
|
|
# Enable Server Side Includes for navbar/footer includes
|
|
ssi on;
|
|
'';
|
|
};
|
|
|
|
# Private blog articles with HTTP basic authentication
|
|
locations."/blog/private/" = {
|
|
extraConfig = ''
|
|
auth_basic "Private Articles";
|
|
auth_basic_user_file /srv/nginx/.htpasswd;
|
|
|
|
# Enable Server Side Includes
|
|
ssi on;
|
|
'';
|
|
};
|
|
|
|
# Custom 404 page
|
|
extraConfig = ''
|
|
error_page 404 /404.html;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
# Firewall - allow local HTTP access
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
}
|