38 lines
1.1 KiB
Nix
38 lines
1.1 KiB
Nix
{
|
|
services.nginx = {
|
|
enable = true;
|
|
commonHttpConfig = "proxy_cache_path /var/cache/mediacache levels=2:2:2 keys_zone=akkoma_media_cache:25m inactive=1y use_temp_path=off min_free=10G;";
|
|
virtualHosts."mail.chir.rs".listen = [
|
|
{
|
|
addr = "127.0.0.1";
|
|
port = 24153;
|
|
}
|
|
];
|
|
virtualHosts."mediaproxy.int.chir.rs" = {
|
|
listen = [
|
|
{
|
|
addr = "127.0.0.1";
|
|
port = 24154;
|
|
}
|
|
];
|
|
extraConfig = ''
|
|
location ~ ^/(media|proxy) {
|
|
proxy_cache akkoma_media_cache;
|
|
proxy_cache_key $host$uri$is_args$args;
|
|
proxy_http_version 1.1;
|
|
proxy_cache_valid 206 301 302 304 1h;
|
|
proxy_cache_valid 200 1y;
|
|
proxy_cache_use_stale error timeout invalid_header updating;
|
|
proxy_ignore_client_abort on;
|
|
proxy_buffering on;
|
|
proxy_cache_lock on;
|
|
proxy_pass http://127.0.0.1:4000;
|
|
}
|
|
'';
|
|
};
|
|
};
|
|
systemd.tmpfiles.rules = [
|
|
"d '/var/cache/mediacache' 0750 nginx nginx - -"
|
|
];
|
|
systemd.services.nginx.serviceConfig.ReadWritePaths = ["/var/cache/mediacache"];
|
|
}
|