diff options
author | tzlil <tzlils@protonmail.com> | 2023-07-30 13:19:39 +0300 |
---|---|---|
committer | tzlil <tzlils@protonmail.com> | 2023-07-30 13:19:39 +0300 |
commit | f72f22b250ecf22657ffc9e6082086377031ea8a (patch) | |
tree | ce0f397e0933118b64bc58fab5463968d27fd0df /hosts/vps/services/website.nix | |
parent | 22743d455ebb1f44f07b429a2b82045ca5b1d3ac (diff) |
clean up a bit
Diffstat (limited to 'hosts/vps/services/website.nix')
-rw-r--r-- | hosts/vps/services/website.nix | 139 |
1 files changed, 139 insertions, 0 deletions
diff --git a/hosts/vps/services/website.nix b/hosts/vps/services/website.nix new file mode 100644 index 0000000..5d1d48a --- /dev/null +++ b/hosts/vps/services/website.nix @@ -0,0 +1,139 @@ +{ + pkgs, + config, + lib, + ... +}: { + options.website.defaultHeaders = lib.mkOption { + type = lib.types.str; + default = '' + header { + -Server + -Date + -Last-Modified + -Etag + -Accept-Ranges + # disable indexing by search engines + + X-Robots-Tag "noindex, nofollow" + + # disable FLoC tracking + # Permissions-Policy interest-cohort=() + + # enable HSTS + # Strict-Transport-Security max-age=31536000; + + # disable clients from sniffing the media type + # X-Content-Type-Options nosniff + + # clickjacking protection + # X-Frame-Options DENY + + # keep referrer data off of HTTP connections + # Referrer-Policy no-referrer-when-downgrade + } + ''; + }; + config = { + services.caddy = { + enable = true; + virtualHosts = { + "tzlil.net".extraConfig = '' + bind 0.0.0.0 + handle_path / { + try_files ${pkgs.writeText "index.html" '' + <style> + @media (prefers-color-scheme: dark) { + body { background-color: #121212; color: #d4d4d4; } + a { color: #7878ff; } + a:visited { color: #6464fa; } + } + </style> + <pre> + ~?~+=I?~~IIIII++,: .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO + ?==++??==+I???7..:. :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ + 7+===I+~===?I77: ? ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ + ===++I+==?III??I,?, ~I7NN,.. ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM + ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. .. :88I. ..?=?++I:~+=.~~~NMMMNN + ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7 .,+=??I:,=, .:,=DNNMMN + =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO. :~=+?,,, .~,?8DDD8D + =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:.. .,::=888OOO + ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO + ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ + I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO + ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ + ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8 + ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~ + ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II? + I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII + ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I + ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+: .=7+=~ ,,:?...~II??+??I?+??IIII?I + ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO .~I .Z:.,:~: ,+???+=,IIIIII??IIIII + ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII + No matter where you go, everyone's connected + + my name is tzlil, i'm 18 and from israel + i currently work as a security researcher + but in a few months i will be drafted to the army + + i like music <a href="https://fm.tzlil.net">https://fm.tzlil.net</a> + + my interests: + plan9 + lambda calculus + functional programming + binary exploitation + keyboards and layouts + yggdrasil + nixos + + my wares: + hard: + aurora lily58 with sunset kailh low profile + laptop(s): + - lenovo v14 + + phone: + - google pixel 7 + + OUT OF COMMISSION + <s>desktop:</s> + <s>- amd ryzen 5 5600g</s> + + soft: + <a href="/cgit/flake.git">nixos</a> + keepassxc + syncthing + tailscale (to mesh between my devices) + grapheneos + <a href="/cgit/flake.git/tree/hosts/vps/hydrus.nix">hydrus</a> + + ctfs i played in: + google ctf 2023 - 96th place (solo) + tfcctf 2022 - 4th place + google ctf 2022 - 100th place + + contact info: + tzlil:tzlil.net + tzlils@protonmail.com + tzlil@irc.libera.chat + + /cgit/ for repositories + </pre> + ''} / + file_server + } + ''; + }; + }; + networking.firewall.allowedTCPPorts = [80 443]; + + environment.persistence."/nix/persist".directories = [ + { + directory = "/var/lib/caddy"; + user = "caddy"; + group = "caddy"; + } + ]; + }; +} |