45 lines
1.3 KiB
Nix
45 lines
1.3 KiB
Nix
|
{ config, lib, ... }:
|
||
|
let
|
||
|
cfg = config.services.nitter;
|
||
|
in
|
||
|
{
|
||
|
services.nitter = {
|
||
|
enable = true;
|
||
|
server = {
|
||
|
port = 8081;
|
||
|
hostname = "nitter.sbruder.xyz";
|
||
|
address = "127.0.0.1";
|
||
|
};
|
||
|
preferences = {
|
||
|
theme = "Auto";
|
||
|
replaceTwitter = "${cfg.server.hostname}";
|
||
|
muteVideos = true;
|
||
|
hlsPlayback = true;
|
||
|
replaceYouTube = "${config.services.invidious.domain}";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
services.nginx.virtualHosts.${cfg.server.hostname} = {
|
||
|
forceSSL = true;
|
||
|
enableACME = true;
|
||
|
locations = {
|
||
|
"/robots.txt".return = "200 'User-agent: *\\nDisallow: /'";
|
||
|
"/" = {
|
||
|
proxyPass = "http://${cfg.server.address}:${toString cfg.server.port}";
|
||
|
extraConfig =
|
||
|
let
|
||
|
# workaround for nginx dropping parent headers
|
||
|
# see https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md
|
||
|
parentHeaders = lib.concatStringsSep "\n" (lib.filter
|
||
|
(lib.hasPrefix "add_header ")
|
||
|
(lib.splitString "\n" config.services.nginx.commonHttpConfig));
|
||
|
in
|
||
|
''
|
||
|
${parentHeaders}
|
||
|
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' blob:; style-src 'self' 'unsafe-inline'";
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|