nixos/applications/skynet.ie.nix

124 lines
2.8 KiB
Nix
Raw Normal View History

{
config,
pkgs,
lib,
inputs,
...
}:
with lib; let
cfg = config.services.skynet;
in {
2023-07-23 02:08:56 +00:00
imports = [
./acme.nix
./dns.nix
2024-05-03 23:15:20 +00:00
./open_governance/open_governance.nix
2024-05-07 00:37:19 +00:00
./open_governance/keyserver.nix
2023-07-23 02:08:56 +00:00
];
options.services.skynet = {
host = {
ip = mkOption {
type = types.str;
};
name = mkOption {
type = types.str;
};
};
};
config = {
skynet_acme.domains = [
# the root one is already covered by teh certificate
"2016.skynet.ie"
2023-08-11 00:44:04 +00:00
"discord.skynet.ie"
2023-09-28 16:11:35 +00:00
"public.skynet.ie"
"renew.skynet.ie"
];
2023-07-23 02:08:56 +00:00
skynet_dns.records = [
# means root domain, so skynet.ie
{
record = "@";
r_type = "A";
value = cfg.host.ip;
}
{
record = "2016";
r_type = "CNAME";
value = cfg.host.name;
}
{
record = "discord";
r_type = "CNAME";
value = cfg.host.name;
}
2023-09-27 23:26:32 +00:00
{
2023-09-28 16:11:35 +00:00
record = "public";
2023-09-27 23:26:32 +00:00
r_type = "CNAME";
value = cfg.host.name;
}
{
record = "renew";
r_type = "CNAME";
value = cfg.host.name;
}
2023-07-23 02:08:56 +00:00
];
2024-05-03 23:15:20 +00:00
services.skynet.open-governance.host = cfg.host;
2024-05-07 00:37:19 +00:00
services.skynet.keyserver.host = cfg.host;
2023-07-23 02:08:56 +00:00
networking.firewall.allowedTCPPorts = [80 443];
services.nginx = {
2023-07-23 02:08:56 +00:00
enable = true;
group = "acme";
virtualHosts = {
# main site
"skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
locations = {
"/" = {
root = "${inputs.skynet_website.defaultPackage."x86_64-linux"}";
};
# this redirects old links to new format
2024-05-24 14:55:12 +00:00
"~* ~(?<username>[a-z_0-9]*)(?<files>.*)$" = {
priority = 1;
return = "307 https://$username.users.skynet.ie$files";
};
};
};
2023-07-23 02:08:56 +00:00
# archive of teh site as it was ~2012 to 2016
"2016.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
root = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}";
2023-07-23 02:08:56 +00:00
};
2023-08-11 00:44:04 +00:00
2023-09-27 23:26:32 +00:00
# a custom discord url, because we are too cheap otehrwise
2023-08-11 00:44:04 +00:00
"discord.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
locations."/".return = "307 https://discord.gg/mkuKJkCuyM";
2023-08-11 00:44:04 +00:00
};
2023-09-27 23:26:32 +00:00
2023-09-28 16:11:35 +00:00
"public.skynet.ie" = {
2023-09-27 23:26:32 +00:00
forceSSL = true;
useACMEHost = "skynet";
2023-09-28 16:11:35 +00:00
root = "${inputs.compsoc_public.packages.x86_64-linux.default}";
locations."/".extraConfig = "autoindex on;";
2023-09-27 23:26:32 +00:00
};
# for alumni members to renew their account
"renew.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
root = "${inputs.skynet_website_renew.defaultPackage."x86_64-linux"}";
};
2023-07-23 02:08:56 +00:00
};
};
};
}