Epsilon_02/nix.nginx.vhost-defaults
1
0
Fork 0
mirror of https://github.com/SignalWalker/nix.nginx.vhost-defaults.git synced 2025-10-05 15:52:39 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
nix.nginx.vhost-defaults/nixos-module.nix
NotAFile c93fc25767 Match robot.txt location to others in nixpkgs 
This prevents "double declaration" errors
2025-03-27 17:01:55 +01:00

89 lines
3.1 KiB
Nix
Raw Permalink Blame History

{self}: {
config,
pkgs,
lib,
...
}:
with builtins; let
std = pkgs.lib;
nginx = config.services.nginx;
mkRobotsTxt = robots: let
agents = std.concatStringsSep "\n" (map (agent: "User-agent: ${agent}") robots);
in
pkgs.writeText "robots.txt" ''
${agents}
Disallow: /
'';
regexEscapes = ["\"" "[" "]" "(" ")" "{" "}" "^" "$" "+" "*" "." "|" "?" "\\"];
defaultBlockList = attrNames (fromJSON (readFile "${self.inputs.ai-robots-txt}/robots.json"));
in {
options = with lib; {
services.nginx = {
virtualHostDefaults = mkOption {
type = types.deferredModuleWith {
staticModules = [];
};
description = "Default configuration merged into every virtual host.";
default = {};
};
virtualHosts = mkOption {
# type-merge the `virtualHosts` submodule so we can import `nginx.virtualHostDefaults` into every virtualHost
type = types.attrsOf (types.submoduleWith {
# avoid conflict with default submodule declaration
shorthandOnlyDefinesConfig = true;
modules = [
nginx.virtualHostDefaults
({
config,
lib,
...
}: {
options = {
blockAgents = {
enable = mkEnableOption "blocking a set of user agents from accessing this virtual host.";
agents = mkOption {
type = types.listOf types.str;
description = "User agent strings to block from accessing this virtual host.";
default = defaultBlockList;
defaultText = "The user agent list from [github:ai-robots-txt/ai.robots.txt](https://github.com/ai-robots-txt/ai.robots.txt).";
example = ["Amazonbot" "AI2Bot" "Applebot"];
};
robotsTxt = {
enable = mkEnableOption "robots.txt";
};
method = mkOption {
type = types.str;
description = "Method by which to block agents.";
default = "return 444";
defaultText = "`return 444`, dropping the connection.";
example = "return 307 https://ash-speed.hetzner.com/10GB.bin";
};
};
};
config = lib.mkMerge [
(lib.mkIf (config.blockAgents.enable && (length config.blockAgents.agents) > 0) {
locations."= /robots.txt" = lib.mkIf config.blockAgents.robotsTxt.enable {
alias = mkRobotsTxt config.blockAgents.agents;
};
extraConfig = let
agentRules = lib.concatStringsSep "|" (map (lib.strings.escape regexEscapes) config.blockAgents.agents);
in ''
if ($http_user_agent ~* "(${agentRules})") {
${config.blockAgents.method};
}
'';
})
];
})
];
});
};
};
};
disabledModules = [];
imports = [];
config = {};
meta = {};
}
Reference in New Issue View Git Blame Copy Permalink