tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 8 Pull requests Activity

Compare commits

base: tlaternet:f04ec5fbc6549b9a84f0187e0c380ae63df4dd71
Branches Tags
tlaternet:master
tlaternet:tlater/ntfy-as-contact
tlaternet:tlater/vendor-webserver
tlaternet:tlater/authelia-attempt-3
tlaternet:tlater/authelia-2
tlaternet:tlater/crowdsec-whitelists
tlaternet:tlater/authelia
..
compare: tlaternet:bec9e413cb00d312029592b74ef0f58dcb881a7b
Branches Tags
tlaternet:master
tlaternet:tlater/ntfy-as-contact
tlaternet:tlater/vendor-webserver
tlaternet:tlater/authelia-attempt-3
tlaternet:tlater/authelia-2
tlaternet:tlater/crowdsec-whitelists
tlaternet:tlater/authelia

6 commits
f04ec5fbc6 ... bec9e413cb

Author SHA1 Message Date
Tristan Daniël Maat
bec9e413cb
refactor: Don't do pointless indirection when importing modules 2025-11-20 00:49:46 +08:00
Tristan Daniël Maat
16c48abe61
refactor: Move service imports into a default.nix 2025-11-20 00:49:25 +08:00
Tristan Daniël Maat
a2cfd55b3d
fix: Make the default package disabling actually work 2025-11-20 00:48:14 +08:00
Tristan Daniël Maat
de9eb4b136
chore: Disable hack for Minecraft optimization on VPS 2025-11-20 00:48:14 +08:00
Tristan Daniël Maat
b63c823577
refactor(firewall): Make services responsible for opening ports 2025-11-20 00:48:14 +08:00
Tristan Daniël Maat
1d84562078
test(nginx): Add simple tests to assert nginx features work 2025-11-20 00:47:15 +08:00
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
configuration/nginx/ssl.nix
View file

@ -93,6 +93,7 @@
virtualHosts."${config.services.nginx.domain}" = { virtualHosts."${config.services.nginx.domain}" = {
useACMEHost = "tlater.net"; useACMEHost = "tlater.net";
forceSSL = true;
enableHSTS = true; enableHSTS = true;
locations."/".return = "200 ok"; locations."/".return = "200 ok";
}; };
@ -100,8 +101,8 @@
}; };
in in
{ {
testNginxSSL = pkgs.testers.runNixOSTest { hstsIsSet = pkgs.testers.runNixOSTest {
name = "test-nginx-ssl"; name = "hsts-is-set";
node.specialArgs = { inherit flake-inputs; }; node.specialArgs = { inherit flake-inputs; };
nodes = { nodes = {
@ -121,6 +122,7 @@
testHost.copy_from_vm("/var/lib/acme/tlater.net/", "certs") testHost.copy_from_vm("/var/lib/acme/tlater.net/", "certs")
client.copy_from_host(f"{testHost.out_dir}/certs", "/certs") client.copy_from_host(f"{testHost.out_dir}/certs", "/certs")
client.succeed("curl --max-time 10 http://testHost")
res = client.succeed(" ".join([ res = client.succeed(" ".join([
"curl", "curl",
"--show-error", "--show-error",