add error pages to nginx

This commit is contained in:
Ingolf Wagner 2020-03-15 22:52:02 +08:00
parent 6bcbb04045
commit 94a9b85a22
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
3 changed files with 81 additions and 46 deletions

View file

@ -1,4 +1,32 @@
{ config, lib, pkgs, ... }: {
{ config, lib, pkgs, ... }:
let
errorPages = pkgs.fetchgit {
url = "https://git.ingolf-wagner.de/palo/http-errors.git";
rev = "66948c13b9bbe5f3fe7a5146eceb76b97c436069";
sha256 = "0qkw7nb883fna0qgvhky20c3dagxph56aiy2rrf359w7lxch1k1h";
};
error = {
extraConfig = ''
error_page 400 /errors/400.html;
error_page 401 /errors/401.html;
error_page 402 /errors/402.html;
error_page 403 /errors/403.html;
error_page 404 /errors/404.html;
error_page 405 /errors/405.html;
error_page 406 /errors/406.html;
error_page 500 /errors/500.html;
error_page 501 /errors/501.html;
error_page 502 /errors/502.html;
error_page 503 /errors/503.html;
error_page 504 /errors/504.html;
'';
locations."^~ /errors/" = {
extraConfig = "internal;";
root = "${errorPages}/";
};
};
in {
networking.firewall.allowedTCPPorts = [ 80 443 4443 ];
networking.firewall.allowedUDPPorts = [ 80 443 4443 ];
@ -23,7 +51,11 @@
];
forceSSL = true;
enableACME = true;
locations."/" = { proxyPass = "http://workhorse.private:3000"; };
extraConfig = error.extraConfig;
locations = {
"/" = { proxyPass = "http://workhorse.private:3000"; };
} // error.locations;
};
"paste.ingolf-wagner.de" = {
@ -41,22 +73,12 @@
];
forceSSL = true;
enableACME = true;
locations."/" = { proxyPass = "http://workhorse.private:8000"; };
extraConfig = error.extraConfig;
locations = {
"/" = { proxyPass = "http://workhorse.private:8000"; };
} // error.locations;
};
#"landing.ingolf-wagner.de" = {
# default = true;
# listen = [
# { addr = "0.0.0.0"; port = 4443; ssl = true; }
# { addr = "0.0.0.0"; port = 80; ssl = false; }
# ];
# forceSSL = true;
# enableACME = true;
# locations."/" = {
# root = "/srv/www/ingolf-wagner.de";
# };
#};
"travel.ingolf-wagner.de" = {
listen = [
{
@ -72,14 +94,17 @@
];
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/srv/www/travel";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
extraConfig = error.extraConfig;
locations = {
"/" = {
root = "/srv/www/travel";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
} // error.locations;
};
"tech.ingolf-wagner.de" = {
@ -97,14 +122,17 @@
];
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/srv/www/tech";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
extraConfig = error.extraConfig;
locations = {
"/" = {
root = "/srv/www/tech";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
} // error.locations;
};
"terranix.org" = {
@ -122,14 +150,17 @@
];
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/srv/www/terranix";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
extraConfig = error.extraConfig;
locations = {
"/" = {
root = "/srv/www/terranix";
extraConfig = ''
if (-d $request_filename) {
rewrite [^/]$ $scheme://$http_host$request_uri/ permanent;
}
'';
};
} // error.locations;
};
"chat.ingolf-wagner.de" = {
@ -147,6 +178,7 @@
];
forceSSL = true;
enableACME = true;
extraConfig = error.extraConfig;
locations = {
"/" = {
proxyPass = "http://chat.workhorse.private";
@ -156,7 +188,7 @@
sub_filter "chat.workhorse.private" "chat.ingolf-wagner.de";
'';
};
};
} // error.locations;
};
"nextcloud.ingolf-wagner.de" = {
@ -174,6 +206,7 @@
];
forceSSL = true;
enableACME = true;
extraConfig = error.extraConfig;
locations = {
"/" = {
proxyPass = "http://nextcloud.workhorse.private";
@ -193,7 +226,7 @@
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
};
} // error.locations;
};
"gaykraft.com" = {
@ -211,7 +244,10 @@
];
forceSSL = true;
enableACME = true;
locations."/" = { root = "/srv/www/gaykraft"; };
extraConfig = error.extraConfig;
locations = {
"/" = { root = "/srv/www/gaykraft"; };
} // error.locations;
};
};

View file

@ -26,7 +26,6 @@ rustPlatform.buildRustPackage rec {
'';
nativeBuildInputs = [ makeWrapper ];
meta = with stdenv.lib; {
description = "An interactive cheatsheet tool for the command-line";
homepage = "https://github.com/denisidoro/navi";

View file

@ -12,8 +12,8 @@ in {
recommendedProxySettings = lib.mkDefault true;
recommendedTlsSettings = lib.mkDefault true;
# for graylog logging
commonHttpConfig = ''
# for graylog logging
log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
'"facility": "nginx", '
'"src_addr": "$remote_addr", '
@ -28,9 +28,9 @@ in {
'"http_x_forwarded_for": "$http_x_forwarded_for",'
'"http_referrer": "$http_referer", '
'"http_user_agent": "$http_user_agent" }';
access_log syslog:server=${access_log_sink} graylog2_json;
error_log syslog:server=${error_log_sink};
'';
};