blob: a2bf6a30e5cf7b044eacf64dfe9451bd7d39b39c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
{ config, pkgs, ... }:
let domain = config.networking.domain;
in {
security.acme.certs.${domain} = {
credentialsFile = pkgs.writeText "namesilo.env" ''
NAMESILO_API_KEY_FILE=/var/lib/acme/namesilo.key
NAMESILO_PROPAGATION_TIMEOUT=1800
'';
dnsProvider = "namesilo";
extraDomainNames = [
"*.ipfs.${domain}"
"*.ipns.${domain}"
];
webroot = null;
};
services = {
ipfs = {
enable = true;
enableGC = true;
extraConfig.GateWay = {
NoFetch = true;
PublicGateways.${domain} = {
Paths = [ "/ipfs" "/ipns" ];
UseSubdomains = true;
};
};
};
nginx.virtualHosts = let
ipfsGateway = "http://localhost:8080";
ipfsProxy = {
forceSSL = true;
locations."/".proxyPass = ipfsGateway;
useACMEHost = domain;
};
in {
"${domain}".locations = {
"/ipfs".proxyPass = ipfsGateway;
"/ipns".proxyPass = ipfsGateway;
};
"*.ipfs.${domain}" = ipfsProxy;
"*.ipns.${domain}" = ipfsProxy;
"ipwhl.${domain}" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = ipfsGateway;
};
};
};
}
|