124 lines
3.3 KiB
Nix
124 lines
3.3 KiB
Nix
# SPDX-FileCopyrightText: 2023-2024 Simon Bruder <simon@sbruder.de>
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
../../modules
|
|
];
|
|
|
|
sbruder = {
|
|
nginx.hardening.enable = true;
|
|
full = false;
|
|
};
|
|
|
|
networking.hostName = "catering";
|
|
|
|
system.stateVersion = "23.05";
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
virtualHosts = {
|
|
"catering.salespointframework.org" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
locations = {
|
|
"/" = {
|
|
proxyPass = "http://localhost:8080";
|
|
extraConfig = ''
|
|
sub_filter '</script>' '</script><script src="/dev.js"></script>';
|
|
sub_filter_once on;
|
|
'';
|
|
};
|
|
"= /dev.js".alias = pkgs.writeText "dev.js" ''
|
|
addEventListener("load", event => {
|
|
document.querySelector("footer").appendChild((() => {
|
|
let el = document.createElement("p")
|
|
el.classList.add("text-center", "fw-bold")
|
|
el.innerText = "Alle Angebot sind fiktiv!"
|
|
return el
|
|
})())
|
|
|
|
if (localStorage.getItem("devAck") !== "true") {
|
|
if (confirm("Alle hier präsentierten Angebote sind fiktiv, es können keine rechtsverbindlichen Verträge geschlossen werden. Mit dem Fortfahren bestätigen Sie, dies verstanden zu haben.")) {
|
|
localStorage.setItem("devAck", "true")
|
|
} else {
|
|
location = "about:blank"
|
|
}
|
|
}
|
|
})
|
|
'';
|
|
};
|
|
};
|
|
|
|
"www.mampf.shop" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
globalRedirect = "catering.salespointframework.org";
|
|
};
|
|
|
|
"mampf.shop" = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
globalRedirect = "catering.salespointframework.org";
|
|
};
|
|
|
|
"presi.catering.salespointframework.org" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
root = "/var/www/presi.catering.salespointframework.org";
|
|
|
|
locations."/".tryFiles = "/main.pdf =404";
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/www/presi.catering.salespointframework.org 0755 catering catering - -"
|
|
];
|
|
|
|
users.users.catering = {
|
|
isSystemUser = true;
|
|
group = "catering";
|
|
useDefaultShell = true;
|
|
home = "/var/lib/catering";
|
|
createHome = true;
|
|
|
|
openssh.authorizedKeys.keys = config.sbruder.pubkeys.trustedKeys;
|
|
};
|
|
users.groups.catering = { };
|
|
|
|
sbruder.static-webserver.vhosts = {
|
|
"salespointframework.org" = {
|
|
redirects = [ "www.salespointframework.org" "salespointframe.work" "www.salespointframe.work" ];
|
|
user = {
|
|
name = "salespoint";
|
|
keys = config.sbruder.pubkeys.trustedKeys;
|
|
};
|
|
};
|
|
"verkaufspunktrahmenwerk.de" = {
|
|
redirects = [ "www.verkaufspunktrahmenwerk.de" "verkaufspuntrahmenwerk.de" "www.verkaufspuntrahmenwerk.de" ];
|
|
user = {
|
|
name = "verkaufspunkt";
|
|
keys = config.sbruder.pubkeys.trustedKeys;
|
|
};
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
}
|