nixos/applications/skynet.ie.nix

78 lines
No EOL
1.9 KiB
Nix

{ config, pkgs, lib, inputs, ... }:
with lib;
let
cfg = config.services.skynet;
in {
imports = [
./acme.nix
./dns.nix
];
options.services.skynet = {
host = {
ip = mkOption {
type = types.str;
};
name = mkOption {
type = types.str;
};
};
};
config = {
skynet_acme.domains = [
# the root one is already covered by teh certificate
"2016.skynet.ie"
"discord.skynet.ie"
"ext.skynet.ie"
];
skynet_dns.records = [
# means root domain, so skynet.ie
{record="@"; r_type="A"; value=cfg.host.ip;}
{record="2016"; r_type="CNAME"; value="@";}
{record="discord"; r_type="CNAME"; value="@";}
];
networking.firewall.allowedTCPPorts = [80 443];
services.httpd = {
enable = true;
group = "acme";
virtualHosts = {
# main site
"skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}";
# only on skynet.ie
# skynet.ie/~username
enableUserDir = true;
};
"ext.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}";
# only on skynet.ie
# skynet.ie/~username
enableUserDir = true;
};
# archive of teh site as it was ~2012 to 2016
"2016.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
documentRoot = "${inputs.skynet_website_2016.defaultPackage."x86_64-linux"}";
};
# archive of teh site as it was ~2012 to 2016
"discord.skynet.ie" = {
forceSSL = true;
useACMEHost = "skynet";
globalRedirect = "https://discord.gg/mkuKJkCuyM";
};
};
};
};
}