Bloxx12
9603b43f34
Signed-off-by: Bloxx12 <charlie@charlieroot.dev> Change-Id: I6a6a6964afea0dea3adad9edc09f578fb75a43de
36 lines
947 B
Nix
36 lines
947 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
inherit (lib.modules) mkIf mkDefault;
|
|
inherit (lib.options) mkEnableOption;
|
|
cfg = config.modules.system.services.nginx;
|
|
in {
|
|
options.modules.system.services.nginx.enable = mkEnableOption "nginx";
|
|
config = mkIf cfg.enable {
|
|
security = {
|
|
acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "charlie@charlieroot.dev";
|
|
};
|
|
};
|
|
services.nginx = {
|
|
package = pkgs.nginxQuic;
|
|
statusPage = true;
|
|
|
|
recommendedTlsSettings = true;
|
|
recommendedBrotliSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedProxySettings = true;
|
|
|
|
# nginx defaults to a 1MB size limit for uploads, which
|
|
# *definitely* isn't enough for Git LFS.
|
|
# 'client_max_body_size 300m;' would set a limit of 300MB
|
|
# setting it to 0 means "no limit"
|
|
clientMaxBodySize = mkDefault "512m";
|
|
};
|
|
};
|
|
}
|