add error pages to nginx
This commit is contained in:
parent
6bcbb04045
commit
94a9b85a22
3 changed files with 81 additions and 46 deletions
|
@ -1,4 +1,32 @@
|
|||
{ config, lib, pkgs, ... }: {
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
|
||||
errorPages = pkgs.fetchgit {
|
||||
url = "https://git.ingolf-wagner.de/palo/http-errors.git";
|
||||
rev = "66948c13b9bbe5f3fe7a5146eceb76b97c436069";
|
||||
sha256 = "0qkw7nb883fna0qgvhky20c3dagxph56aiy2rrf359w7lxch1k1h";
|
||||
};
|
||||
error = {
|
||||
extraConfig = ''
|
||||
error_page 400 /errors/400.html;
|
||||
error_page 401 /errors/401.html;
|
||||
error_page 402 /errors/402.html;
|
||||
error_page 403 /errors/403.html;
|
||||
error_page 404 /errors/404.html;
|
||||
error_page 405 /errors/405.html;
|
||||
error_page 406 /errors/406.html;
|
||||
error_page 500 /errors/500.html;
|
||||
error_page 501 /errors/501.html;
|
||||
error_page 502 /errors/502.html;
|
||||
error_page 503 /errors/503.html;
|
||||
error_page 504 /errors/504.html;
|
||||
'';
|
||||
locations."^~ /errors/" = {
|
||||
extraConfig = "internal;";
|
||||
root = "${errorPages}/";
|
||||
};
|
||||
};
|
||||
in {
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 4443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 80 443 4443 ];
|
||||
|
@ -23,7 +51,11 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = { proxyPass = "http://workhorse.private:3000"; };
|
||||
extraConfig = error.extraConfig;
|
||||
|
||||
locations = {
|
||||
"/" = { proxyPass = "http://workhorse.private:3000"; };
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"paste.ingolf-wagner.de" = {
|
||||
|
@ -41,22 +73,12 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = { proxyPass = "http://workhorse.private:8000"; };
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = { proxyPass = "http://workhorse.private:8000"; };
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
#"landing.ingolf-wagner.de" = {
|
||||
# default = true;
|
||||
# listen = [
|
||||
# { addr = "0.0.0.0"; port = 4443; ssl = true; }
|
||||
# { addr = "0.0.0.0"; port = 80; ssl = false; }
|
||||
# ];
|
||||
# forceSSL = true;
|
||||
# enableACME = true;
|
||||
# locations."/" = {
|
||||
# root = "/srv/www/ingolf-wagner.de";
|
||||
# };
|
||||
#};
|
||||
|
||||
"travel.ingolf-wagner.de" = {
|
||||
listen = [
|
||||
{
|
||||
|
@ -72,14 +94,17 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/srv/www/travel";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "/srv/www/travel";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"tech.ingolf-wagner.de" = {
|
||||
|
@ -97,14 +122,17 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/srv/www/tech";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "/srv/www/tech";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"terranix.org" = {
|
||||
|
@ -122,14 +150,17 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
root = "/srv/www/terranix";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "/srv/www/terranix";
|
||||
extraConfig = ''
|
||||
if (-d $request_filename) {
|
||||
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
|
||||
}
|
||||
'';
|
||||
};
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"chat.ingolf-wagner.de" = {
|
||||
|
@ -147,6 +178,7 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = {
|
||||
proxyPass = "http://chat.workhorse.private";
|
||||
|
@ -156,7 +188,7 @@
|
|||
sub_filter "chat.workhorse.private" "chat.ingolf-wagner.de";
|
||||
'';
|
||||
};
|
||||
};
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"nextcloud.ingolf-wagner.de" = {
|
||||
|
@ -174,6 +206,7 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = {
|
||||
proxyPass = "http://nextcloud.workhorse.private";
|
||||
|
@ -193,7 +226,7 @@
|
|||
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
|
||||
};
|
||||
|
||||
};
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
"gaykraft.com" = {
|
||||
|
@ -211,7 +244,10 @@
|
|||
];
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = { root = "/srv/www/gaykraft"; };
|
||||
extraConfig = error.extraConfig;
|
||||
locations = {
|
||||
"/" = { root = "/srv/www/gaykraft"; };
|
||||
} // error.locations;
|
||||
};
|
||||
|
||||
};
|
||||
|
|
|
@ -26,7 +26,6 @@ rustPlatform.buildRustPackage rec {
|
|||
'';
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "An interactive cheatsheet tool for the command-line";
|
||||
homepage = "https://github.com/denisidoro/navi";
|
||||
|
|
|
@ -12,8 +12,8 @@ in {
|
|||
recommendedProxySettings = lib.mkDefault true;
|
||||
recommendedTlsSettings = lib.mkDefault true;
|
||||
|
||||
# for graylog logging
|
||||
commonHttpConfig = ''
|
||||
# for graylog logging
|
||||
log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
|
||||
'"facility": "nginx", '
|
||||
'"src_addr": "$remote_addr", '
|
||||
|
@ -28,9 +28,9 @@ in {
|
|||
'"http_x_forwarded_for": "$http_x_forwarded_for",'
|
||||
'"http_referrer": "$http_referer", '
|
||||
'"http_user_agent": "$http_user_agent" }';
|
||||
|
||||
access_log syslog:server=${access_log_sink} graylog2_json;
|
||||
error_log syslog:server=${error_log_sink};
|
||||
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in a new issue