diff --git a/bert/configuration.nix b/bert/configuration.nix index c541597..e26c1ef 100644 --- a/bert/configuration.nix +++ b/bert/configuration.nix @@ -58,6 +58,14 @@ services.openssh.settings.PasswordAuthentication = false; users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEhPyyqS3BGYor3zLbjc8hZuhem3mS8TNmvWogXcnz/b chandler@chandlerswift.com'' ]; + users.users.isaac = { + isNormalUser = true; + description = "Isaac Swift"; + openssh.authorizedKeys.keys = [ + # TODO + ]; + }; + networking.firewall.allowedTCPPorts = [ 80 # Caddy 443 # Caddy diff --git a/bert/services/http/index.nix b/bert/services/http/index.nix index 312faa9..457bfb2 100644 --- a/bert/services/http/index.nix +++ b/bert/services/http/index.nix @@ -5,6 +5,7 @@ ./git.chandlerswift.com.nix ./harborpaperco.com.nix ./home.chandlerswift.com.nix + ./isaacswift.com.nix ./katherineandchandler.com.nix ./maps.chandlerswift.com.nix ./music.chandlerswift.com.nix diff --git a/bert/services/http/isaacswift.com.nix b/bert/services/http/isaacswift.com.nix new file mode 100644 index 0000000..e9de32f --- /dev/null +++ b/bert/services/http/isaacswift.com.nix @@ -0,0 +1,23 @@ + +{ + services.caddy.virtualHosts."isaacswift.com" = { + serverAliases = ["www.isaacswift.com"]; + extraConfig = '' + encode zstd gzip + file_server + root * /srv/www/isaacswift.com + # hide .git # ??? + + handle_errors { + respond "{err.status_code} {err.status_text}" + } + ''; + }; + systemd.tmpfiles.settings."10-isaacswift-com" = { + "/srv/www/isaacswift.com" = { + d = { + user = "isaac"; + }; + }; + }; +}