Merge pull request 'feature/pub-solar-website' (#20) from feature/pub-solar-website into main

Reviewed-on: pub-solar/infra-new#20
This commit is contained in:
hensoko 2023-10-28 16:45:30 +02:00
commit 5dcbb8e526
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
3 changed files with 50 additions and 1 deletions

View file

@ -0,0 +1,47 @@
{ ... }:
{
services.nginx.virtualHosts = {
"www.pub.solar".locations."/".extraConfig = "return 301 https://pub.solar$request_uri";
"pub.solar" = {
default = true;
enableACME = true;
locations = {
# serve base domain pub.solar for mastodon.pub.solar
# https://masto.host/mastodon-usernames-different-from-the-domain-used-for-installation/
"/.well-known/host-meta" = {
extraConfig = ''
return 301 https://mastodon.pub.solar$request_uri;
'';
};
# Tailscale OIDC webfinger requirement plus Mastodon webfinger redirect
"/.well-known/webfinger" = {
# Redirect requests that match /.well-known/webfinger?resource=* to Mastodon
extraConfig = ''
if ($arg_resource) = {
return 301 https://mastodon.pub.solar$request_uri;
}
add_header Content-Type text/plain;
return 200 '{\n "subject": "acct:admins@pub.solar",\n "links": [\n {\n "rel": "http://openid.net/specs/connect/1.0/issuer",\n "href": "https://auth.pub.solar/realms/pub.solar"\n }\n ]\n}';
'';
};
"/satzung" = {
extraConfig = ''
return 302 /satzung https://cloud.pub.solar/s/2tRCP9aZFCiWxQy;
'';
};
"/" = {
root = "/srv/www/pub.solar";
index = "index.html";
tryFiles = "$uri $uri/";
};
};
};
};
}

View file

@ -16,7 +16,7 @@ in {
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
email = acmeEmailAddress; defaults.email = acmeEmailAddress;
}; };
networking.firewall.allowedTCPPorts = [80 443]; networking.firewall.allowedTCPPorts = [80 443];

View file

@ -9,5 +9,7 @@
./networking.nix ./networking.nix
./nix.nix ./nix.nix
./apps/nginx.nix ./apps/nginx.nix
./apps/nginx-website.nix
]; ];
} }