about summary refs log tree commit diff
path: root/ops/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'ops/nixos')
-rw-r--r--ops/nixos/camden/default.nix35
1 files changed, 22 insertions, 13 deletions
diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix
index df1520a767b2..ea8f0f5ad25b 100644
--- a/ops/nixos/camden/default.nix
+++ b/ops/nixos/camden/default.nix
@@ -5,6 +5,14 @@ config: let
   nixpkgs = import depot.third_party.nixpkgsSrc {
     config.allowUnfree = true;
   };
+
+  nginxRedirect = { from, to, acmeHost }: {
+    serverName = from;
+    useACMEHost = acmeHost;
+    forceSSL = true;
+
+    extraConfig = "return 301 https://${to}$request_uri;";
+  };
 in lib.fix(self: {
   imports = [
     ../modules/depot.nix
@@ -222,7 +230,6 @@ in lib.fix(self: {
 
         # Local domains (for this machine only)
         "camden.tazj.in" = null;
-        "git.camden.tazj.in" = null;
       };
       postRun = "systemctl reload nginx";
     };
@@ -392,19 +399,9 @@ in lib.fix(self: {
       '';
     };
 
-    virtualHosts.cgit-old = {
-      serverName = "git.tazj.in";
-      useACMEHost = "tazj.in";
-      forceSSL = true;
-
-      extraConfig = ''
-        return 301 https://code.tvl.fyi$request_uri;
-      '';
-    };
-
     virtualHosts.hound = {
-      serverName = "cs.tazj.in";
-      useACMEHost = "tazj.in";
+      serverName = "cs.tvl.fyi";
+      useACMEHost = "tvl.fyi";
       forceSSL = true;
 
       extraConfig = ''
@@ -427,6 +424,18 @@ in lib.fix(self: {
         }
       '';
     };
+
+    virtualHosts.cgit-old = nginxRedirect {
+      from = "git.tazj.in";
+      to = "code.tvl.fyi";
+      acmeHost = "tazj.in";
+    };
+
+    virtualHosts.cs-old = nginxRedirect {
+      from = "cs.tazj.in";
+      to = "cs.tvl.fyi";
+      acmeHost = "tazj.in";
+    };
   };
 
   # Timer units that can be started with systemd-run to set my alarm.