summary refs log tree commit diff stats
path: root/modules
diff options
context:
space:
mode:
authorBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-25 18:54:51 +0100
committerBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-25 20:02:11 +0100
commit94816c9c63899b936764c9ece659fb6a1044e6e1 (patch)
treeceb93831b394d2425506979436d4da0c08d7333e /modules
parentfix(modules/nix-sync/internal): Fix syntax errors in shell-script (diff)
downloadnixos-server-94816c9c63899b936764c9ece659fb6a1044e6e1.tar.gz
nixos-server-94816c9c63899b936764c9ece659fb6a1044e6e1.zip
feat(modules/nginx): Modularise the redirects and migrate them to server2
The redirects always have an implicit dependency on the DNS config of
the running host. As such, simply stating them for all host is never a
possibility and setting them per host the only viable option.
Diffstat (limited to 'modules')
-rw-r--r--modules/by-name/ng/nginx/module.nix47
-rw-r--r--modules/by-name/ng/nginx/redirects.nix6
2 files changed, 25 insertions, 28 deletions
diff --git a/modules/by-name/ng/nginx/module.nix b/modules/by-name/ng/nginx/module.nix
index 1e9b626..39919c9 100644
--- a/modules/by-name/ng/nginx/module.nix
+++ b/modules/by-name/ng/nginx/module.nix
@@ -3,20 +3,13 @@
   config,
   ...
 }: let
-  importedRedirects = import ./redirects.nix {};
-  mkRedirect = {
-    key,
-    value,
-  }: {
-    name = key;
-    value = {
-      forceSSL = true;
-      enableACME = true;
-      locations."/".return = "301 ${value}";
-    };
+  mkRedirect = _: value: {
+    forceSSL = true;
+    enableACME = true;
+    locations."/".return = "301 ${value}";
   };
 
-  redirects = builtins.listToAttrs (builtins.map mkRedirect importedRedirects);
+  redirects = builtins.mapAttrs mkRedirect cfg.redirects;
 
   cfg = config.vhack.nginx;
 in {
@@ -33,6 +26,16 @@ in {
         really be useful for tests.
       '';
     };
+
+    redirects = lib.mkOption {
+      type = lib.types.attrsOf lib.types.str;
+      default = {};
+      description = ''
+        An attrset of redirects to add.
+        The keys are the domain that should than be redirected to the url specified as
+        value.
+      '';
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -62,16 +65,16 @@ in {
     };
     services.nginx = {
       enable = true;
-      # The merge here is fine, as no domain should be specified twice
-      virtualHosts =
-        {
-          "gallery.s-schoeffel.de" = {
-            forceSSL = true;
-            enableACME = true;
-            root = "/srv/gallery.s-schoeffel.de";
-          };
-        }
-        // redirects;
+      virtualHosts = redirects;
+
+      # FIXME(@bpeetz): Migrate to a host. <2024-12-25>
+      #  {
+      #    "gallery.s-schoeffel.de" = {
+      #      forceSSL = true;
+      #      enableACME = true;
+      #      root = "/srv/gallery.s-schoeffel.de";
+      #    };
+      #  }
     };
   };
 }
diff --git a/modules/by-name/ng/nginx/redirects.nix b/modules/by-name/ng/nginx/redirects.nix
deleted file mode 100644
index a021e72..0000000
--- a/modules/by-name/ng/nginx/redirects.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{...}: [
-  {
-    key = "source.vhack.eu";
-    value = "https://codeberg.org/vhack.eu/nixos-server";
-  }
-]