dotfiles/common/systemModules/nginx.nix

{ config, ... }:
{
  services = {
    nginx = {
      enable = true;
      # logError = "syslog:server=unix:/dev/log warn";
      statusPage = true;
      recommendedTlsSettings = true;
      recommendedGzipSettings = true;
      recommendedProxySettings = true;
      recommendedOptimisation = true;
    };
    adguardhome = {
      port = 3115;
      enable = true;

    };
  };
  sops = {
    secrets = {
      cloudflare_env = {
        format = "dotenv";
        sopsFile = ./cloudflare.env;
      };
    };
  };
  security = {
    acme = {
      certs = {
        "sadan.zip" = {
          dnsProvider = "cloudflare";
          email = "certs@sadan.zip";
          environmentFile = config.sops.secrets.cloudflare_env.path;
        };
      };
      defaults = {
        # If the local dns server hasnt started yet, then this will fail for any domain configured with tailscale magic dns
        dnsResolver = "1.1.1.1:53";
      };
      acceptTerms = true;
    };
  };
}
pray 2025-02-23 14:31:53 -05:00			`{ config, ... }:`
			`{`
			`services = {`
			`nginx = {`
			`enable = true;`
guh 2025-02-23 19:28:18 -05:00			`# logError = "syslog:server=unix:/dev/log warn";`
pray 2025-02-23 14:31:53 -05:00			`statusPage = true;`
guh 2025-02-23 19:16:13 -05:00			`recommendedTlsSettings = true;`
			`recommendedGzipSettings = true;`
			`recommendedProxySettings = true;`
			`recommendedOptimisation = true;`
pray 2025-02-23 14:31:53 -05:00			`};`
enable adguard home 2025-02-23 21:19:17 -05:00			`adguardhome = {`
			`port = 3115;`
			`enable = true;`

			`};`
pray 2025-02-23 14:31:53 -05:00			`};`
			`sops = {`
			`secrets = {`
			`cloudflare_env = {`
			`format = "dotenv";`
			`sopsFile = ./cloudflare.env;`
			`};`
			`};`
			`};`
			`security = {`
			`acme = {`
			`certs = {`
attempt v2 2025-02-23 18:39:21 -05:00			`"sadan.zip" = {`
pray 2025-02-23 14:31:53 -05:00			`dnsProvider = "cloudflare";`
add email 2025-02-23 14:39:42 -05:00			`email = "certs@sadan.zip";`
pray 2025-02-23 14:31:53 -05:00			`environmentFile = config.sops.secrets.cloudflare_env.path;`
			`};`
			`};`
i swear to got if its my tailscale config 2025-02-23 18:56:32 -05:00			`defaults = {`
because the docs clearly say the parameters are seperated by spaces 2025-02-23 19:06:19 -05:00			`# If the local dns server hasnt started yet, then this will fail for any domain configured with tailscale magic dns`
i swear to got if its my tailscale config 2025-02-23 18:56:32 -05:00			`dnsResolver = "1.1.1.1:53";`
			`};`
pray 2025-02-23 14:31:53 -05:00			`acceptTerms = true;`
			`};`
			`};`
			`}`