jan-leila/volpe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: deployed application to tor

Browse source
This commit is contained in:
Leyla Becker 2026-02-11 18:57:53 -06:00
parent a330ae2b1c
commit 804cafad27
4 changed files with 92 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

6
_includes/base.njk
View file

@ -83,6 +83,12 @@
<!-- About site itself --> <!-- About site itself -->
<div> <div>
<a href="https://git.jan-leila.com/jan-leila/volpe">source</a> <a href="https://git.jan-leila.com/jan-leila/volpe">source</a>
<a href="http://2ggpzgonqsll5gi56u47aywu4qyl37eiu5jjrq7ma43z77ekkwuqxmid.onion" style="display: flex;">
<span style="display: inline-block; width: 24px; height: 24px; margin: 0 8px;">
<img src="{{ 'onion-icon.svg' | fileHash('assets') }}" alt="Tor Onion Logo" style="width: 100%; height: 100%;">
</span>
onion mirror
</a>
<span>&copy; {{ page.date.getFullYear() }} Volpe</span> <span>&copy; {{ page.date.getFullYear() }} Volpe</span>
</div> </div>
</footer> </footer>

6
assets/onion-icon.svg Normal file
View file

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="100%" height="100%" viewBox="0 0 180 180" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="tor-glyph" stroke="none" stroke-width="1" fill="#000000" fill-rule="evenodd">
<path d="M90.1846205,163.631147 L90.1846205,152.721073 C124.743583,152.621278 152.726063,124.581416 152.726063,89.9975051 C152.726063,55.4160892 124.743583,27.3762266 90.1846205,27.2764318 L90.1846205,16.366358 C130.768698,16.4686478 163.633642,49.3909741 163.633642,89.9975051 C163.633642,130.606531 130.768698,163.531352 90.1846205,163.631147 Z M90.1846205,125.444642 C109.677053,125.342352 125.454621,109.517381 125.454621,89.9975051 C125.454621,70.4801242 109.677053,54.6551533 90.1846205,54.5528636 L90.1846205,43.6452847 C115.704663,43.7450796 136.364695,64.4550091 136.364695,89.9975051 C136.364695,115.542496 115.704663,136.252426 90.1846205,136.35222 L90.1846205,125.444642 Z M90.1846205,70.9167267 C100.640628,71.0165216 109.090758,79.5165493 109.090758,89.9975051 C109.090758,100.480956 100.640628,108.980984 90.1846205,109.080778 L90.1846205,70.9167267 Z M0,89.9975051 C0,139.705328 40.2921772,180 90,180 C139.705328,180 180,139.705328 180,89.9975051 C180,40.2921772 139.705328,0 90,0 C40.2921772,0 0,40.2921772 0,89.9975051 Z" id="tor-glyph" fill="#000000"></path>
</g>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 1.3 KiB

34
nix/configuration.nix
View file

@ -35,8 +35,40 @@
services.volpe = { services.volpe = {
enable = true; enable = true;
domain = "blog.jan-leila.com"; domain = "blog.jan-leila.com";
extraDomains = ["volpe.jan-leila.com"]; extraDomains = [
"volpe.jan-leila.com"
"2ggpzgonqsll5gi56u47aywu4qyl37eiu5jjrq7ma43z77ekkwuqxmid.onion"
];
enableACME = true; enableACME = true;
acmeEmail = "leyla@jan-leila.com"; acmeEmail = "leyla@jan-leila.com";
}; };
services.tor = {
enable = true;
enableGeoIP = false;
relay.onionServices = {
volpe = {
version = 3;
map = [
{
port = 80;
target = {
addr = "[::1]";
port = 80;
};
}
];
};
};
settings = {
ClientUseIPv4 = true;
ClientUseIPv6 = true;
ClientPreferIPv6ORPort = true;
};
};
services.snowflake-proxy = {
enable = true;
capacity = 100;
};
} }

59
nix/module.nix
View file

@ -6,21 +6,27 @@
}: let }: let
cfg = config.services.volpe; cfg = config.services.volpe;
mkPkg = domain: isOnion = domain: lib.hasSuffix ".onion" domain;
mkPkg = domain: let
protocol =
if isOnion domain
then "http"
else "https";
in
pkgs.callPackage ./package.nix { pkgs.callPackage ./package.nix {
siteUrl = "https://${domain}"; siteUrl = "${protocol}://${domain}";
}; };
allDomains = [cfg.domain] ++ cfg.extraDomains; allDomains = [cfg.domain] ++ cfg.extraDomains;
regularDomains = lib.filter (d: !(isOnion d)) allDomains;
onionDomains = lib.filter isOnion cfg.extraDomains;
mkVirtualHost = domain: { mkHost = domain: {
root = "${mkPkg domain}"; root = "${mkPkg domain}";
forceSSL = cfg.enableACME;
enableACME = cfg.enableACME;
locations."/" = { locations."/" = {
tryFiles = "$uri $uri/ /index.html"; tryFiles = "$uri $uri/ /index.html";
}; };
# Cache static assets (CSS, JS, images) for 1 year with immutable
locations."~* \\.(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$" = { locations."~* \\.(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$" = {
extraConfig = '' extraConfig = ''
expires 1y; expires 1y;
@ -29,6 +35,28 @@
''; '';
}; };
}; };
mkVirtualHost = domain:
{
forceSSL = cfg.enableACME;
enableACME = cfg.enableACME;
}
// (mkHost domain);
mkOnionVirtualHost = domain:
{
listen = [
{
addr = "[::1]";
port = 80;
}
{
addr = "127.0.0.1";
port = 80;
}
];
}
// (mkHost domain);
in { in {
options.services.volpe = { options.services.volpe = {
enable = lib.mkEnableOption "volpe blog"; enable = lib.mkEnableOption "volpe blog";
@ -64,13 +92,20 @@ in {
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedProxySettings = true; recommendedProxySettings = true;
serverNamesHashBucketSize = 128;
# Create a virtualHost for each domain virtualHosts = lib.listToAttrs (
virtualHosts = lib.listToAttrs (map (domain: { (map (domain: {
name = domain; name = domain;
value = mkVirtualHost domain; value = mkVirtualHost domain;
}) })
allDomains); regularDomains)
++ (map (domain: {
name = domain;
value = mkOnionVirtualHost domain;
})
onionDomains)
);
}; };
security.acme = lib.mkIf cfg.enableACME { security.acme = lib.mkIf cfg.enableACME {