{ config, pkgs, lib, inputs, ... }: with lib; let name = "website"; cfg = config.services.skynet."${name}"; in { imports = [ ./acme.nix ./dns.nix ]; options.services.skynet."${name}" = { enable = mkEnableOption "Skynet Main Website"; }; config = mkIf cfg.enable { services.skynet.acme.domains = [ # the root one is already covered by teh certificate "2016.skynet.ie" "discord.skynet.ie" "public.skynet.ie" "renew.skynet.ie" ]; services.skynet.dns.records = [ # means root domain, so skynet.ie { record = "@"; r_type = "A"; value = config.services.skynet.host.ip; } { record = "2016"; r_type = "CNAME"; value = config.services.skynet.host.name; } { record = "discord"; r_type = "CNAME"; value = config.services.skynet.host.name; } { record = "public"; r_type = "CNAME"; value = config.services.skynet.host.name; } { record = "renew"; r_type = "CNAME"; value = config.services.skynet.host.name; } ]; services.nginx = { virtualHosts = { # main site "skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; locations = { "/" = { root = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; }; # this redirects old links to new format "~* ~(?[a-z_0-9]*)(?\\S*)$" = { priority = 1; return = "307 https://$username.users.skynet.ie$files"; }; }; }; # archive of teh site as it was ~2012 to 2016 "2016.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; root = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}"; }; # a custom discord url, because we are too cheap otehrwise "discord.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; locations."/".return = "307 https://discord.gg/mkuKJkCuyM"; }; "public.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; root = "${inputs.compsoc_public.packages.x86_64-linux.default}"; locations."/".extraConfig = "autoindex on;"; }; # for alumni members to renew their account "renew.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; root = "${inputs.skynet_website_renew.defaultPackage."x86_64-linux"}"; }; }; }; }; }