1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
{
machineConfig,
config,
lib,
pkgs,
...
}:
{
options.zpha.websites."zaphyra.eu".enable = lib.mkEnableOption "";
config = lib.mkIf config.zpha.websites."zaphyra.eu".enable {
dns.zones."zaphyra.eu" =
pkgs.dnsNix.combinators.host machineConfig.networking.ip4Address machineConfig.networking.ip6Address;
services.nginx.virtualHosts."zaphyra.eu" = {
useACMEHost = "${config.networking.fqdn}";
forceSSL = true;
kTLS = true;
root = pkgs.zpha.website;
extraConfig = ''
location /.well-known/openpgpkey {
add_header Access-Control-Allow-Origin * always;
}
'';
};
};
}