formated most nix funciton inputs

2024-10-01 11:13:57 -03:00 · 2024-10-01 11:13:57 -03:00 · 89c8784d49
commit 89c8784d49
parent 702d0f195b
48 changed files with 88 additions and 340 deletions
--- a/hosts/servers/alexandria/nginx.nix
+++ b/hosts/servers/alexandria/nginx.nix
@ -1,10 +1,4 @@
-{
-  inputs,
-  config,
-  pkgs,
-  lib,
-  ...
-}:
+{ config, ... }:

 {
  services.nginx = {
@ -14,11 +8,30 @@
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
-    virtualHosts."baduhai.dev" = {
-      useACMEHost = "baduhai.dev";
-      forceSSL = true;
-      kTLS = true;
-      root = inputs.homepage;
+  };
+
+  security.acme = {
+    acceptTerms = true;
+    defaults = {
+      email = "baduhai@proton.me";
+      dnsResolver = "1.1.1.1:53";
+      dnsProvider = "cloudflare";
+      credentialsFile = config.age.secrets.cloudflare.path;
+    };
+    certs."baduhai.dev" = {
+      extraDomainNames = [ "*.baduhai.dev" ];
    };
  };
+
+  boot.kernel.sysctl = {
+    "net.ipv4.ip_forward" = 1;
+    "net.ipv6.conf.all.forwarding" = 1;
+  };
+
+  age.secrets.cloudflare = {
+    file = ../../../secrets/cloudflare.age;
+    owner = "nginx";
+    group = "hosted";
+  };
+
 }