machines/renard/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

{ ... }:

{
  imports = [
    ../../modules/common.nix

    ./hardware.nix
    ./devices.nix

    ../../modules/www.nix
    ../../modules/git.nix
  ];

  services.nginx.virtualHosts = {
    "rnrd.eu".locations = {
      # redirect to akkoma on lapin
      "/.well-known/webfinger" = {
        return = "301 https://soc.rnrd.eu$request_uri";  
      };

      # delegate matrix to lapin
      "/.well-known/matrix/server" = {
        return = "200 '{ \"m.server\": \"matrix.rnrd.eu:443\" }'";
        extraConfig = ''
          default_type application/json;
        '';
      };
      "/.well-known/matrix/client" = {
        return = "200 '{ \"m.homeserver\": { \"base_url\": \"https://matrix.rnrd.eu\" } }'";
        extraConfig = ''
          default_type application/json;
          add_header "Access-Control-Allow-Origin" *;
        '';
      };
    };

    "sho.rest" = {
      enableACME = true;
      forceSSL = true;
      locations."/" = {
        proxyPass = "http://127.0.0.1:5000";
      };
    };

    "mel.gg" = {
      enableACME = true;
      forceSSL = true;
      root = "/srv/mel";
    };

    "git.rnrd.eu" = {
      enableACME = true;
      forceSSL = true;
      locations = {
        "/" = {
          proxyPass = "http://127.0.0.1:3792";
        };

        "/static/" = {
          alias = "/srv/cgit/static/";
        };
      };
    };
  };

  system.stateVersion = "24.05";
}