{ pkgs, lib, ... }: { users.users.nginx.extraGroups = [ "acme" ]; services.nginx = { enable = true; appendHttpConfig = '' log_format vcombined '$host:$server_port ' '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; access_log /var/log/nginx/access.log vcombined; ''; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { "00000" = { useACMEHost = "hoyer.xyz"; serverName = "_"; globalRedirect = "hoyer.xyz"; addSSL = true; }; "hoyer.photos" = { enableACME = false; useACMEHost = "hoyer.photos"; forceSSL = true; root = "/var/www/hoyer.xyz/html"; }; "hoyer.world" = { enableACME = false; useACMEHost = "hoyer.world"; forceSSL = true; root = "/var/www/hoyer.xyz/html"; }; "hoyer.social" = { enableACME = false; useACMEHost = "hoyer.social"; forceSSL = true; root = "/var/www/hoyer.xyz/html"; }; "hoyer.xyz" = { # serverName = "hoyer.xyz"; serverAliases = [ "www.hoyer.xyz" ]; useACMEHost = "hoyer.xyz"; enableACME = false; forceSSL = true; root = "/var/www/hoyer.xyz/html"; locations."/stats" = { basicAuthFile = "/var/www/hoyer.xyz/stats.htaccess"; }; }; "surfsite.org" = { useACMEHost = "surfsite.org"; enableACME = false; forceSSL = true; root = "/var/www/surfsite.org"; }; "kicker.surfsite.org" = { useACMEHost = "surfsite.org"; enableACME = false; forceSSL = true; locations."/" = { proxyPass = "http://localhost:8087/"; }; }; "git.hoyer.xyz" = { useACMEHost = "hoyer.xyz"; enableACME = false; forceSSL = true; locations."/" = { proxyPass = "http://localhost:3001/"; }; }; "webmail.hoyer.xyz" = { useACMEHost = "hoyer.xyz"; enableACME = false; forceSSL = true; }; "harald.hoyer.photos" = { enableACME = true; forceSSL = true; root = "/var/www/photo.harald-hoyer.de/html"; }; "photo.harald-hoyer.de" = { useACMEHost = "harald-hoyer.de"; forceSSL = true; root = "/var/www/photo.harald-hoyer.de/html"; }; "photo-harald.hoyer.xyz" = { serverAliases = [ "photo.harald.hoyer.xyz" ]; useACMEHost = "hoyer.xyz"; forceSSL = true; root = "/var/www/photo.harald-hoyer.de/html"; }; "harald-hoyer.de" = { serverAliases = [ "www.harald-hoyer.de" ]; useACMEHost = "harald-hoyer.de"; globalRedirect = "harald.hoyer.xyz"; forceSSL = true; }; "harald.hoyer.xyz" = { serverAliases = [ "www.harald.hoyer.xyz" ]; useACMEHost = "hoyer.xyz"; root = "/var/www/harald.hoyer.xyz/html/"; extraConfig = '' rewrite ^/feed/rss$ /rss.xml permanent; rewrite ^/feed/rss/$ /rss.xml permanent; rewrite ^/feed/$ /rss.xml permanent; rewrite ^/feed/rss/index.html$ /rss.xml permanent; rewrite ^/fedora/fedora/RSS2$ /tags/fedora/rss.xml permanent; rewrite ^/linux/linux/RSS2$ /tags/linux/rss.xml permanent; rewrite ^/linux/feed$ /tags/linux/rss.xml permanent; rewrite ^/wp-rss2.php$ /rss.xml permanent; rewrite ^/aggregator/rss.xml$ /rss.xml permanent; rewrite ^/personal/blog/aggregator/RSS$ /rss.xml permanent; rewrite ^/personal/blog/aggregator/RSS2$ /rss.xml permanent; rewrite ^/aggregator/RSS$ /rss.xml permanent; rewrite ^/aggregator/RSS2$ /rss.xml permanent; rewrite ^/wp-commentsrss2.php$ /rss.xml permanent; ''; forceSSL = true; }; "hartwin-hoyer.de" = { serverAliases = [ "www.hartwin-hoyer.de" ]; useACMEHost = "hartwin-hoyer.de"; globalRedirect = "hartwin.hoyer.xyz"; forceSSL = true; }; "hartwin.hoyer.xyz" = { serverAliases = [ "testhartwin.hoyer.xyz" "www.hartwin.hoyer.xyz" ]; useACMEHost = "hoyer.xyz"; root = "/var/www/hartwin.hoyer.xyz/html/"; forceSSL = true; }; "nc.hoyer.xyz" = { useACMEHost = "hoyer.xyz"; forceSSL = true; }; }; }; }