diff options
| author | Vincent Ambo <tazjin@tvl.su> | 2024-09-14T20·24+0300 |
|---|---|---|
| committer | tazjin <tazjin@tvl.su> | 2024-09-14T23·47+0000 |
| commit | c9eeb7da70bc711cae4f4bdbe2b0aa4fc5aee643 (patch) | |
| tree | b68237467cfe0e611aedce28f1fc0444853fa1ac | |
| parent | 7593592241e948a056f17f172732d390349b70c4 (diff) | |
feat(tazjin/nixos): serve homepage on yggdrasil r/8692
First test of running an Yggdrasil service, lets see how that goes! Change-Id: Iac10b72f7314a45df13ea539c5c1cef6c994154f Reviewed-on: https://cl.tvl.fyi/c/depot/+/12484 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
| -rw-r--r-- | users/tazjin/nixos/koptevo/default.nix | 2 | ||||
| -rw-r--r-- | users/tazjin/nixos/modules/homepage.nix | 69 |
2 files changed, 41 insertions, 30 deletions
diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix index e5199f34e7de..ec490e453c70 100644 --- a/users/tazjin/nixos/koptevo/default.nix +++ b/users/tazjin/nixos/koptevo/default.nix @@ -98,6 +98,8 @@ in openssh.authorizedKeys.keys = depot.users.tazjin.keys.all; }; + users.users.nginx.extraGroups = [ "acme" ]; + age.secrets = let secretFile = name: depot.users.tazjin.secrets."${name}.age"; diff --git a/users/tazjin/nixos/modules/homepage.nix b/users/tazjin/nixos/modules/homepage.nix index b109fbefd3be..65191d6e7087 100644 --- a/users/tazjin/nixos/modules/homepage.nix +++ b/users/tazjin/nixos/modules/homepage.nix @@ -1,6 +1,38 @@ # serve tazjin's website & blog { depot, config, lib, pkgs, ... }: +let + extraConfig = '' + location = /en/rss.xml { + return 301 https://tazj.in/feed.atom; + } + + ${depot.users.tazjin.blog.oldRedirects} + location /blog/ { + alias ${depot.users.tazjin.blog.rendered}/; + + if ($request_uri ~ ^/(.*)\.html$) { + return 302 /$1; + } + + try_files $uri $uri.html $uri/ =404; + } + + location = /predlozhnik { + return 302 https://predlozhnik.ru; + } + + # redirect for easier entry on a TV + location = /tv { + return 302 https://tazj.in/blobs/play.html; + } + + # Temporary place for serving static files. + location /blobs/ { + alias /var/lib/tazjins-blobs/; + } + ''; +in { config = { services.nginx.virtualHosts."tazj.in" = { @@ -8,37 +40,14 @@ forceSSL = true; root = depot.users.tazjin.homepage; serverAliases = [ "www.tazj.in" ]; + inherit extraConfig; + }; - extraConfig = '' - location = /en/rss.xml { - return 301 https://tazj.in/feed.atom; - } - - ${depot.users.tazjin.blog.oldRedirects} - location /blog/ { - alias ${depot.users.tazjin.blog.rendered}/; - - if ($request_uri ~ ^/(.*)\.html$) { - return 302 /$1; - } - - try_files $uri $uri.html $uri/ =404; - } - - location = /predlozhnik { - return 302 https://predlozhnik.ru; - } - - # redirect for easier entry on a TV - location = /tv { - return 302 https://tazj.in/blobs/play.html; - } - - # Temporary place for serving static files. - location /blobs/ { - alias /var/lib/tazjins-blobs/; - } - ''; + services.nginx.virtualHosts."y.tazj.in" = { + enableSSL = true; + useACMEHost = "y.tazj.in"; + root = depot.users.tazjin.homepage; + inherit extraConfig; }; services.nginx.virtualHosts."git.tazj.in" = { |