From dbc52af28cf5d3857d6b6a11e78fb5991e8e0f96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20=C5=A0tancl?= Date: Fri, 15 Aug 2025 17:01:06 +0200 Subject: [PATCH] composer in PATH, nginx default_server --- README.md | 18 ++++++++++++++++++ laravel.nix | 3 +++ 2 files changed, 21 insertions(+) diff --git a/README.md b/README.md index 37bd0e3..f2aeefe 100644 --- a/README.md +++ b/README.md @@ -171,6 +171,24 @@ The module doesn't handle www redirects automatically. This may be added in the At this time, I'd recommend handling basic redirects like that on Cloudflare. +### Default nginx server + +Out of the box, if nginx cannot match an incoming request's host to a specific virtual host it will +just use _some_ vhost. You can prevent behavior that by adding a module like this: + +```nix +{ + services.nginx.virtualHosts."catchall" = { + default = true; + locations."/".return = "444"; + rejectSSL = true; + }; +} +``` + +This creates a `default_server` vhost that returns an empty response to any request. The name of the +vhost is irrelevant. + ### Authenticated Origin Pulls (AOP) To make your sites reachable ONLY using Cloudflare, you can use [authenticated origin diff --git a/laravel.nix b/laravel.nix index ec2d6df..30f8bd6 100644 --- a/laravel.nix +++ b/laravel.nix @@ -40,7 +40,10 @@ in { networking.firewall.allowedTCPPorts = [ 80 ] ++ lib.optionals ssl [ 443 ]; # Create welcome message for user + # todo: the created /etc file should ideally be 0750 environment.etc."laravel-${name}-bashrc".text = '' + export PATH="$HOME/.config/composer/vendor/bin/:$PATH" + # Laravel site welcome message echo "Welcome to ${name} Laravel site!" echo "Domains: ${lib.concatStringsSep ", " domains}"