diff options
Diffstat (limited to 'modules/tlmp/default.nix')
| -rw-r--r-- | modules/tlmp/default.nix | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/modules/tlmp/default.nix b/modules/tlmp/default.nix index ddb9ff3..8019ccd 100644 --- a/modules/tlmp/default.nix +++ b/modules/tlmp/default.nix @@ -44,7 +44,7 @@ with self.lib.nginx; services.rutorrent = { enable = true; hostName = "torrent.media.cocaine.farm"; - plugins = lib.mkForce [ "data" "diskspace" "edit" "erasedata" "theme" "trafic" ]; + plugins = lib.mkForce [ "httprpc" "data" "diskspace" "edit" "erasedata" "theme" "trafic" ]; nginx.enable = true; }; @@ -73,12 +73,34 @@ with self.lib.nginx; port = 80; }]; + serverAliases = [ "phaenn.wg.vapor.systems" ]; + locations."/RPC2" = { extraConfig = '' include ${pkgs.nginx}/conf/scgi_params; scgi_pass unix:/run/rtorrent/rpc.sock; ''; }; + + root = config.services.rutorrent.dataDir; + locations = { + "~ [^/]\\.php(/|$)" = { + extraConfig = '' + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + # Mitigate https://httpoxy.org/ vulnerabilities + fastcgi_param HTTP_PROXY ""; + + fastcgi_pass unix:${config.services.phpfpm.pools.rutorrent.socket}; + fastcgi_index index.php; + + include ${pkgs.nginx}/conf/fastcgi.conf; + ''; + }; + }; }; }; }; |