tangled.org
+10
-10
flake.lock
+10
-10
flake.lock
···
256
256
},
257
257
"nixpkgs_2": {
258
258
"locked": {
259
-
"lastModified": 1767379071,
260
-
"narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
259
+
"lastModified": 1767634882,
260
+
"narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
261
261
"owner": "nixos",
262
262
"repo": "nixpkgs",
263
-
"rev": "fb7944c166a3b630f177938e478f0378e64ce108",
263
+
"rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
264
264
"type": "github"
265
265
},
266
266
"original": {
267
267
"owner": "nixos",
268
-
"ref": "nixos-unstable",
268
+
"ref": "nixos-25.11",
269
269
"repo": "nixpkgs",
270
270
"type": "github"
271
271
}
···
354
354
"sqlite-lib-src": "sqlite-lib-src"
355
355
},
356
356
"locked": {
357
-
"lastModified": 1767683698,
358
-
"narHash": "sha256-MFrfNmTKTdOOsyXUvvqPwH6zqvDZZpURnd7QdJkVOgU=",
357
+
"lastModified": 1767767073,
358
+
"narHash": "sha256-BSZJ1TY5lGt7xNgFRtcKwYcSOI6VC2CHLfm7y/GgHwU=",
359
359
"ref": "refs/heads/master",
360
-
"rev": "b31a2a3590fefc4c70817f94a20076df2428b4d3",
361
-
"revCount": 1791,
360
+
"rev": "6dc86ffbed5a290ca6a4890caa2dadea5c8b8a81",
361
+
"revCount": 1792,
362
362
"type": "git",
363
-
"url": "https://tangled.org/@tangled.org/core"
363
+
"url": "https://tangled.org/tangled.org/core"
364
364
},
365
365
"original": {
366
366
"type": "git",
367
-
"url": "https://tangled.org/@tangled.org/core"
367
+
"url": "https://tangled.org/tangled.org/core"
368
368
}
369
369
}
370
370
},
+2
-2
flake.nix
+2
-2
flake.nix
···
2
2
description = "nix infra for tangled";
3
3
4
4
inputs = {
5
-
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
6
-
tangled.url = "git+https://tangled.org/@tangled.org/core";
5
+
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
6
+
tangled.url = "git+https://tangled.org/tangled.org/core";
7
7
colmena.url = "github:zhaofengli/colmena/release-0.4.x";
8
8
disko = {
9
9
url = "github:nix-community/disko";
+17
hosts/appview/services/nginx.nix
+17
hosts/appview/services/nginx.nix
···
7
7
recommendedOptimisation = true;
8
8
recommendedGzipSettings = true;
9
9
10
+
# bot blocking
11
+
appendHttpConfig = ''
12
+
map $http_user_agent $block_bot {
13
+
default 0;
14
+
~*PerplexityBot 1;
15
+
~*GPTBot 1;
16
+
~*ChatGPT-User 1;
17
+
~*CCBot 1;
18
+
~*anthropic-ai 1;
19
+
~*Claude-Web 1;
20
+
}
21
+
'';
22
+
10
23
streamConfig = ''
11
24
upstream knot-sailor {
12
25
server 94.237.110.185:22;
···
56
69
enableACME = true;
57
70
58
71
extraConfig = ''
72
+
if ($block_bot) {
73
+
return 403;
74
+
}
75
+
59
76
# Redirect www → bare domain
60
77
if ($host = www.tangled.org) {
61
78
return 301 https://tangled.org$request_uri;
+11
hosts/nixery/services/nginx.nix
+11
hosts/nixery/services/nginx.nix
···
1
+
{ tangled-pkgs, pkgs, ... }:
2
+
1
3
{
2
4
services.nginx = {
3
5
enable = true;
4
6
virtualHosts = {
7
+
"docs.tangled.org" = {
8
+
forceSSL = true;
9
+
enableACME = true;
10
+
root = "${tangled-pkgs.docs}";
11
+
locations."/" = {
12
+
tryFiles = "$uri $uri/ =404";
13
+
index = "index.html";
14
+
};
15
+
};
5
16
"nixery.tangled.sh" = {
6
17
forceSSL = true;
7
18
enableACME = true;