hosts/plover: add nginx content caching for select services

hosts/plover/modules/services/gitea.nix

@@ -174,6 +174,9 @@ in
     locations."/" = {
       proxyPass = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}";
     };
+    extraConfig = ''
+      proxy_cache ${config.services.nginx.proxyCachePath.apps.keysZoneName};
+    '';
   };
 
   # Configuring fail2ban for this service which thankfully has a dedicated page

hosts/plover/modules/services/nginx.nix

@@ -17,10 +17,25 @@
     recommendedProxySettings = true;
     recommendedTlsSettings = true;
 
+    proxyCachePath.apps = {
+      enable = true;
+      keysZoneName = "apps";
+    };
+
+    appendConfig = ''
+      worker_processes auto;
+    '';
+
     # We're avoiding any service to be the default server especially that it
     # could be used for enter a service with unencrypted HTTP. So we're setting
     # up one with an unresponsive server response.
     appendHttpConfig = ''
+      # https://docs.nginx.com/nginx/admin-guide/content-cache/content-caching/
+      proxy_cache_min_uses 5;
+      proxy_cache_valid 200 302 10m;
+      proxy_cache_valid 404 1m;
+      proxy_no_cache $http_pragma $http_authorization;
+
       server {
         listen 80 default_server;
         listen [::]:80 default_server;

hosts/plover/modules/services/vaultwarden.nix

@@ -154,6 +154,9 @@ in
           proxyWebsockets = true;
         };
       };
+    extraConfig = ''
+      proxy_cache ${config.services.nginx.proxyCachePath.apps.keysZoneName};
+    '';
   };
 
   # Configuring fail2ban for this service which thankfully has a dedicated page