58 lines
1.3 KiB
Nix
Executable file
58 lines
1.3 KiB
Nix
Executable file
{
|
|
elmskell-blog,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
botPolicies-nix = {
|
|
dnsbl = false;
|
|
status_codes = {
|
|
CHALLENGE = 200;
|
|
DENY = 200;
|
|
};
|
|
bots = [
|
|
{
|
|
name = "catch-everything";
|
|
user_agent_regex = ".*";
|
|
action = "CHALLENGE";
|
|
}
|
|
];
|
|
};
|
|
ferron-conf-nix = {
|
|
global = {
|
|
port = 8181;
|
|
secure = false;
|
|
wwwroot = "${elmskell-blog.packages.x86_64-linux.default}/wwwroot";
|
|
};
|
|
};
|
|
in {
|
|
services.anubis = {
|
|
instances.blog = {
|
|
enable = true;
|
|
settings = {
|
|
BIND = "[::1]:9181";
|
|
BIND_NETWORK = "tcp";
|
|
DIFFICULTY = 4;
|
|
METRICS_BIND = "[::1]:9182";
|
|
METRICS_BIND_NETWORK = "tcp";
|
|
POLICY_FNAME = "/etc/anubis/blog.botPolicies.yaml";
|
|
TARGET = "http://localhost:8181";
|
|
};
|
|
};
|
|
};
|
|
environment.etc."anubis/blog.botPolicies.yaml" = {
|
|
source = (pkgs.formats.yaml {}).generate "" botPolicies-nix;
|
|
mode = "644";
|
|
};
|
|
systemd.services.blog-ferron = {
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
ExecStart = "${lib.getExe pkgs.ferron} --config=/etc/blog.ferron.yaml";
|
|
RemainAfterExit = true;
|
|
};
|
|
};
|
|
environment.etc."blog.ferron.yaml" = {
|
|
source = (pkgs.formats.yaml {}).generate "" ferron-conf-nix;
|
|
mode = "644";
|
|
};
|
|
}
|