1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
{
pkgs,
config,
lib,
...
}: {
options.website.defaultHeaders = lib.mkOption {
type = lib.types.str;
default = ''
header {
-Server
-Date
-Last-Modified
-Etag
-Accept-Ranges
# disable indexing by search engines
X-Robots-Tag "noindex, nofollow"
# disable FLoC tracking
# Permissions-Policy interest-cohort=()
# enable HSTS
# Strict-Transport-Security max-age=31536000;
# disable clients from sniffing the media type
# X-Content-Type-Options nosniff
# clickjacking protection
# X-Frame-Options DENY
# keep referrer data off of HTTP connections
# Referrer-Policy no-referrer-when-downgrade
}
'';
};
config = {
services.caddy = {
enable = true;
virtualHosts = {
"tzlil.net".extraConfig = ''
bind 0.0.0.0
handle_path / {
try_files ${pkgs.writeText "index.html" ''
<style>
@media (prefers-color-scheme: dark) {
body { background-color: #121212; color: #d4d4d4; }
a { color: #7878ff; }
a:visited { color: #6464fa; }
}
.mail:before {
content: attr(b) "\0040" attr(a);
unicode-bidi: bidi-override;
direction: rtl;
</style>
<pre>
~?~+=I?~~IIIII++,: .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO
?==++??==+I???7..:. :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ
7+===I+~===?I77: ? ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ
===++I+==?III??I,?, ~I7NN,.. ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM
~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. .. :88I. ..?=?++I:~+=.~~~NMMMNN
~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7 .,+=??I:,=, .:,=DNNMMN
=+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO. :~=+?,,, .~,?8DDD8D
=~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:.. .,::=888OOO
===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO
~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ
I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO
==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ
==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8
?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~
??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II?
I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII
??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I
????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+: .=7+=~ ,,:?...~II??+??I?+??IIII?I
??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO .~I .Z:.,:~: ,+???+=,IIIIII??IIIII
???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII
No matter where you go, everyone's connected
<a href="https://fm.tzlil.net">fm.tzlil.net</a> music
<a href="https://git.tzlil.net">git.tzlil.net</a> code
<a href="/arXiv">arXiv randomizer</a>
matrix @tzlil:tzlil.net
email tzlils protonmail com
</pre>
''} /
file_server
}
'';
};
};
networking.firewall.allowedTCPPorts = [80 443];
environment.persistence."/nix/persist".directories = [
{
directory = "/var/lib/caddy";
user = "caddy";
group = "caddy";
}
];
};
}
|