diff options
author | Florian Klink <flokli@flokli.de> | 2024-02-23T09·41+0700 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2024-02-23T18·44+0000 |
commit | f3faeae52aae8a3ab9cd0aee2c2a2ef9c904e483 (patch) | |
tree | ed312626f122f420ad45d2c2ddee1a4182e8d1df /ops | |
parent | 5c3065b43a61a5fa019cbbb157984fc5eb81d439 (diff) |
feat(ops/glesys): add bolt.tvix.dev r/7598
Make tvixbolt.tvl.su just serve a redirect to the new domain, and fold everything into the tvix.dev.nix module. Change-Id: I3a9ccf37d2ceee8886208d6f662e7598ce395b1a Reviewed-on: https://cl.tvl.fyi/c/depot/+/11015 Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
Diffstat (limited to 'ops')
-rw-r--r-- | ops/glesys/dns-tvix-dev.tf | 7 | ||||
-rw-r--r-- | ops/glesys/dns-tvl-su.tf | 9 | ||||
-rw-r--r-- | ops/machines/whitby/default.nix | 1 | ||||
-rw-r--r-- | ops/modules/www/tvix.dev.nix | 17 | ||||
-rw-r--r-- | ops/modules/www/tvixbolt.tvl.su.nix | 19 |
5 files changed, 27 insertions, 26 deletions
diff --git a/ops/glesys/dns-tvix-dev.tf b/ops/glesys/dns-tvix-dev.tf index f4570326031c..296532a02b04 100644 --- a/ops/glesys/dns-tvix-dev.tf +++ b/ops/glesys/dns-tvix-dev.tf @@ -18,6 +18,13 @@ resource "glesys_dnsdomain_record" "tvix_dev_apex_AAAA" { data = var.whitby_ipv6 } +resource "glesys_dnsdomain_record" "tvix_dev_bolt_CNAME" { + domain = glesys_dnsdomain.tvix_dev.id + host = "bolt" + type = "CNAME" + data = "whitby.tvl.su." +} + resource "glesys_dnsdomain_record" "tvix_dev_docs_CNAME" { domain = glesys_dnsdomain.tvix_dev.id host = "docs" diff --git a/ops/glesys/dns-tvl-su.tf b/ops/glesys/dns-tvl-su.tf index 0f397193d7ae..f2286cf1cf5d 100644 --- a/ops/glesys/dns-tvl-su.tf +++ b/ops/glesys/dns-tvl-su.tf @@ -76,15 +76,12 @@ resource "glesys_dnsdomain_record" "tvl_su_whitby_services" { for_each = toset(local.whitby_services) } -# Explicit records for corp-only services running on whitby. -resource "glesys_dnsdomain_record" "tvl_su_corp_whitby_services" { +# historical tvixbolt.tvl.su record, redirects to bolt.tvix.dev +resource "glesys_dnsdomain_record" "tvix_su_tvixbolt_CNAME" { domain = glesys_dnsdomain.tvl_su.id + host = "tvixbolt" type = "CNAME" data = "whitby.tvl.su." - host = each.key - for_each = toset([ - "tvixbolt", - ]) } resource "glesys_dnsdomain_record" "tvl_su_inbox_CNAME" { diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 285b30f77c7f..2259b51c2ab8 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -42,7 +42,6 @@ in (mod "www/status.tvl.su.nix") (mod "www/todo.tvl.fyi.nix") (mod "www/tvix.dev.nix") - (mod "www/tvixbolt.tvl.su.nix") (mod "www/tvl.fyi.nix") (mod "www/tvl.su.nix") (mod "www/wigglydonke.rs.nix") diff --git a/ops/modules/www/tvix.dev.nix b/ops/modules/www/tvix.dev.nix index f86f5b3b1e98..33c0bb002c75 100644 --- a/ops/modules/www/tvix.dev.nix +++ b/ops/modules/www/tvix.dev.nix @@ -17,6 +17,23 @@ ''; }; + services.nginx.virtualHosts."bolt.tvix.dev" = { + root = depot.web.tvixbolt; + enableACME = true; + forceSSL = true; + + extraConfig = '' + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + ''; + }; + + # old domain, serve redirect + services.nginx.virtualHosts."tvixbolt.tvl.su" = { + enableACME = true; + forceSSL = true; + extraConfig = "return 301 https://bolt.tvix.dev$request_uri;"; + }; + services.nginx.virtualHosts."docs.tvix.dev" = { serverName = "docs.tvix.dev"; enableACME = true; diff --git a/ops/modules/www/tvixbolt.tvl.su.nix b/ops/modules/www/tvixbolt.tvl.su.nix deleted file mode 100644 index ef8ba0b11e7a..000000000000 --- a/ops/modules/www/tvixbolt.tvl.su.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ depot, ... }: - -{ - imports = [ - ./base.nix - ]; - - config = { - services.nginx.virtualHosts."tvixbolt.tvl.su" = { - root = depot.web.tvixbolt; - enableACME = true; - forceSSL = true; - - extraConfig = '' - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; - ''; - }; - }; -} |