From f72f22b250ecf22657ffc9e6082086377031ea8a Mon Sep 17 00:00:00 2001
From: tzlil <tzlils@protonmail.com>
Date: Sun, 30 Jul 2023 13:19:39 +0300
Subject: clean up a bit

---
 hosts/vps/services/website.nix | 139 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 139 insertions(+)
 create mode 100644 hosts/vps/services/website.nix

(limited to 'hosts/vps/services/website.nix')

diff --git a/hosts/vps/services/website.nix b/hosts/vps/services/website.nix
new file mode 100644
index 0000000..5d1d48a
--- /dev/null
+++ b/hosts/vps/services/website.nix
@@ -0,0 +1,139 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}: {
+  options.website.defaultHeaders = lib.mkOption {
+    type = lib.types.str;
+    default = ''
+      header {
+        -Server
+        -Date
+        -Last-Modified
+        -Etag
+        -Accept-Ranges
+        # disable indexing by search engines
+
+        X-Robots-Tag "noindex, nofollow"
+
+       # disable FLoC tracking
+        # Permissions-Policy interest-cohort=()
+
+        # enable HSTS
+        # Strict-Transport-Security max-age=31536000;
+
+        # disable clients from sniffing the media type
+        # X-Content-Type-Options nosniff
+
+        # clickjacking protection
+        # X-Frame-Options DENY
+
+        # keep referrer data off of HTTP connections
+        # Referrer-Policy no-referrer-when-downgrade
+      }
+    '';
+  };
+  config = {
+    services.caddy = {
+      enable = true;
+      virtualHosts = {
+        "tzlil.net".extraConfig = ''
+          bind 0.0.0.0
+          handle_path / {
+            try_files ${pkgs.writeText "index.html" ''
+            <style>
+            @media (prefers-color-scheme: dark) {
+                body { background-color: #121212; color: #d4d4d4; }
+                a { color: #7878ff; }
+                a:visited { color: #6464fa; }
+            }
+            </style>
+            <pre>
+            ~?~+=I?~~IIIII++,:   .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO
+            ?==++??==+I???7..:.   :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ
+            7+===I+~===?I77:  ?   ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ
+            ===++I+==?III??I,?,   ~I7NN,..  ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM
+            ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. ..  :88I. ..?=?++I:~+=.~~~NMMMNN
+            ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7  .,+=??I:,=, .:,=DNNMMN
+            =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO.  :~=+?,,,   .~,?8DDD8D
+            =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:..   .,::=888OOO
+            ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO
+            ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ
+            I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO
+            ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ
+            ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8
+            ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~
+            ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II?
+            I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII
+            ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I
+            ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+:   .=7+=~ ,,:?...~II??+??I?+??IIII?I
+            ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO   .~I  .Z:.,:~: ,+???+=,IIIIII??IIIII
+            ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII
+            No matter where you go, everyone's connected
+
+            my name is tzlil, i'm 18 and from israel
+            i currently work as a security researcher
+            but in a few months i will be drafted to the army
+
+            i like music <a href="https://fm.tzlil.net">https://fm.tzlil.net</a>
+
+            my interests:
+            plan9
+            lambda calculus
+            functional programming
+            binary exploitation
+            keyboards and layouts
+            yggdrasil
+            nixos
+
+            my wares:
+            hard:
+              aurora lily58 with sunset kailh low profile
+              laptop(s):
+              - lenovo v14
+
+              phone:
+              - google pixel 7
+
+              OUT OF COMMISSION
+              <s>desktop:</s>
+              <s>- amd ryzen 5 5600g</s>
+
+            soft:
+              <a href="/cgit/flake.git">nixos</a>
+              keepassxc
+              syncthing
+              tailscale (to mesh between my devices)
+              grapheneos
+              <a href="/cgit/flake.git/tree/hosts/vps/hydrus.nix">hydrus</a>
+
+            ctfs i played in:
+              google ctf 2023 - 96th place (solo)
+              tfcctf 2022     - 4th place
+              google ctf 2022 - 100th place
+
+            contact info:
+            tzlil:tzlil.net
+            tzlils@protonmail.com
+            tzlil@irc.libera.chat
+
+            /cgit/ for repositories
+            </pre>
+          ''} /
+            file_server
+          }
+        '';
+      };
+    };
+    networking.firewall.allowedTCPPorts = [80 443];
+
+    environment.persistence."/nix/persist".directories = [
+      {
+        directory = "/var/lib/caddy";
+        user = "caddy";
+        group = "caddy";
+      }
+    ];
+  };
+}
-- 
cgit 1.4.1