From 73d36d54cd6ada4fef5d128325bc4608d5b04426 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 1 Dec 2024 11:17:38 +0000 Subject: [PATCH] rexxar: add userdir for samw --- ops/nixos/rexxar/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/ops/nixos/rexxar/default.nix b/ops/nixos/rexxar/default.nix index 498f38caa8..55e417ab28 100644 --- a/ops/nixos/rexxar/default.nix +++ b/ops/nixos/rexxar/default.nix @@ -526,10 +526,20 @@ reverse_proxy unix//run/seaweedfs-filer/s3.sock ''; }; + virtualHosts."rexxar.as205479.net" = { + extraConfig = '' + handle_path /~samw/* { + root /home/samw/public_html + file_server browse + } + ''; + }; }; systemd.services.caddy.serviceConfig = { SupplementaryGroups = lib.mkAfter [ "acme" ]; + ProtectHome = lib.mkForce "tmpfs"; ReadOnlyPaths = lib.mkAfter [ "/var/lib/acme" ]; + BindReadOnlyPaths = lib.mkAfter [ "/home/samw/public_html" ]; }; my.fup.listen = [];