2024-05-24 11:42:49 -04:00
|
|
|
{
|
|
|
|
|
lib,
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}:
|
|
|
|
|
with lib;
|
|
|
|
|
with lib.custom; let
|
|
|
|
|
cfg = config.sites.mirror;
|
|
|
|
|
in {
|
|
|
|
|
options.sites.mirror = with types; {
|
|
|
|
|
enable = mkBoolOpt false "Enable ArchLinux Mirror";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
systemd.timers."mirror-update" = {
|
|
|
|
|
wantedBy = ["timers.target"];
|
|
|
|
|
timerConfig = {
|
|
|
|
|
OnBootSec = "1h";
|
|
|
|
|
OnUnitActiveSec = "1h";
|
|
|
|
|
Unit = "mirror-update.service";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd.services."mirror-update" = {
|
|
|
|
|
script = ''
|
|
|
|
|
${pkgs.rsync}/bin/rsync -vPa rsync://mirrors.lug.mtu.edu/archlinux/ /var/www/mirror.zackmyers.io/archlinux/
|
|
|
|
|
'';
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
User = "root";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx.virtualHosts."mirror.zackmyers.io" = {
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
enableACME = true;
|
|
|
|
|
root = "/var/www/mirror.zackmyers.io";
|
|
|
|
|
locations."/".extraConfig = ''
|
|
|
|
|
autoindex on;
|
|
|
|
|
'';
|
2025-03-22 16:03:07 -04:00
|
|
|
|
|
|
|
|
locations."~* \.iso$".extraConfig = ''
|
|
|
|
|
limit_req zone=iso_ratelimit burst=20 nodelay;
|
|
|
|
|
limit_conn iso_connlimit 5;
|
|
|
|
|
limit_rate_after 10m;
|
|
|
|
|
limit_rate 500k;
|
|
|
|
|
|
|
|
|
|
if ($http_user_agent ~* "Transmission") {
|
|
|
|
|
access_log /var/log/nginx/blocked_transmission.log combined;
|
|
|
|
|
return 403;
|
|
|
|
|
}
|
|
|
|
|
'';
|
2024-05-24 11:42:49 -04:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
