{ config, pkgs, lib, inputs, ... }: with lib; let cfg = config.services.skynet; in { imports = [ ./acme.nix ./dns.nix ]; options.services.skynet = { host = { ip = mkOption { type = types.str; }; name = mkOption { type = types.str; }; }; }; config = { skynet_acme.domains = [ # the root one is already covered by teh certificate "2016.skynet.ie" ]; skynet_dns.records = [ # means root domain, so skynet.ie {record="@"; r_type="A"; value=cfg.host.ip;} {record="2016"; r_type="CNAME"; value="skynet";} ]; networking.firewall.allowedTCPPorts = [80 443]; services.httpd = { enable = true; group = "acme"; virtualHosts = { # main site "skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; # only on skynet.ie # skynet.ie/~username enableUserDir = true; }; # archive of teh site as it was ~2012 to 2016 "2016.skynet.ie" = { forceSSL = true; useACMEHost = "skynet"; documentRoot = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}"; }; }; }; }; }