mirror of
https://github.com/ivabus/nixos
synced 2024-11-22 00:15:06 +03:00
Enable http/3 on all websites
Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
parent
a2143c22ab
commit
89c283ee99
3 changed files with 9 additions and 0 deletions
|
@ -61,33 +61,39 @@ in {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:8081";
|
locations."/".proxyPass = "http://${secrets.maas-address}:8081";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
addSSL = true;
|
addSSL = true;
|
||||||
|
http3 = true;
|
||||||
serverAliases = [ "www.iva.bz" ];
|
serverAliases = [ "www.iva.bz" ];
|
||||||
};
|
};
|
||||||
virtualHosts."xn--80acbx2cl.xn--p1ai" = {
|
virtualHosts."xn--80acbx2cl.xn--p1ai" = {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:8083";
|
locations."/".proxyPass = "http://${secrets.maas-address}:8083";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
addSSL = true;
|
addSSL = true;
|
||||||
|
http3 = true;
|
||||||
serverAliases = [ "ивабус.рф" ];
|
serverAliases = [ "ивабус.рф" ];
|
||||||
};
|
};
|
||||||
virtualHosts."music.ivabus.dev" = {
|
virtualHosts."music.ivabus.dev" = {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:4533";
|
locations."/".proxyPass = "http://${secrets.maas-address}:4533";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
http3 = true;
|
||||||
};
|
};
|
||||||
virtualHosts."storage.ivabus.dev" = {
|
virtualHosts."storage.ivabus.dev" = {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
http3 = true;
|
||||||
};
|
};
|
||||||
virtualHosts."slides.ivabus.dev" = {
|
virtualHosts."slides.ivabus.dev" = {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
http3 = true;
|
||||||
};
|
};
|
||||||
virtualHosts."git.ivabus.dev" = {
|
virtualHosts."git.ivabus.dev" = {
|
||||||
locations."/".proxyPass = "http://${secrets.maas-address}:3000";
|
locations."/".proxyPass = "http://${secrets.maas-address}:3000";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
http3 = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,7 @@ in {
|
||||||
virtualHosts."ivabus.dev" = {
|
virtualHosts."ivabus.dev" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
http3 = true;
|
||||||
|
|
||||||
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
|
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
|
||||||
|
|
||||||
|
|
|
@ -7,6 +7,7 @@ in {
|
||||||
config = lib.mkIf (cfg.enable) {
|
config = lib.mkIf (cfg.enable) {
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = pkgs.nginxQuic;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
recommendedOptimisation = true;
|
recommendedOptimisation = true;
|
||||||
recommendedProxySettings = true;
|
recommendedProxySettings = true;
|
||||||
|
@ -18,5 +19,6 @@ in {
|
||||||
defaults.email = "ivabus@ivabus.dev";
|
defaults.email = "ivabus@ivabus.dev";
|
||||||
};
|
};
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ 80 443 ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue