2025-04-06 22:59:18 +02:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
2025-07-20 01:23:48 +02:00
|
|
|
}:
|
|
|
|
|
let
|
2025-04-06 22:59:18 +02:00
|
|
|
inherit (lib.modules) mkIf mkDefault;
|
|
|
|
|
inherit (lib.options) mkEnableOption;
|
|
|
|
|
cfg = config.modules.system.services.nginx;
|
2025-07-20 01:23:48 +02:00
|
|
|
in
|
|
|
|
|
{
|
2025-04-06 22:59:18 +02:00
|
|
|
options.modules.system.services.nginx.enable = mkEnableOption "nginx";
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
security = {
|
|
|
|
|
acme = {
|
|
|
|
|
acceptTerms = true;
|
|
|
|
|
defaults.email = "charlie@charlieroot.dev";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
services.nginx = {
|
|
|
|
|
package = pkgs.nginxQuic;
|
|
|
|
|
statusPage = true;
|
|
|
|
|
|
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
|
recommendedBrotliSettings = true;
|
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
|
recommendedGzipSettings = true;
|
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
|
|
2025-04-09 15:31:18 +02:00
|
|
|
# nginx defaults to a 1MB size limit for uploads, which
|
|
|
|
|
# *definitely* isn't enough for Git LFS.
|
|
|
|
|
# 'client_max_body_size 300m;' would set a limit of 300MB
|
|
|
|
|
# setting it to 0 means "no limit"
|
2025-04-06 22:59:18 +02:00
|
|
|
clientMaxBodySize = mkDefault "512m";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
