summary refs log tree commit diff stats
path: root/system/services/nginx
diff options
context:
space:
mode:
Diffstat (limited to 'system/services/nginx')
-rw-r--r--system/services/nginx/default.nix17
-rw-r--r--system/services/nginx/hosts.nix26
2 files changed, 36 insertions, 7 deletions
diff --git a/system/services/nginx/default.nix b/system/services/nginx/default.nix
index 3a0496d..7c2fa55 100644
--- a/system/services/nginx/default.nix
+++ b/system/services/nginx/default.nix
@@ -1,4 +1,4 @@
-{...}: let
+{lib, ...}: let
   domains = import ./hosts.nix {};
   importedRedirects = import ./redirects.nix {};
   mkRedirect = {
@@ -16,24 +16,29 @@
     domain,
     root,
     url,
+    extraSettings ? {},
   }: {
     name = "${domain}";
-    value = {
-      forceSSL = true;
-      enableACME = true;
-      root = "${root}";
-    };
+    value =
+      lib.recursiveUpdate {
+        forceSSL = true;
+        enableACME = true;
+        root = "${root}";
+      }
+      extraSettings;
   };
 
   mkNixSyncRepository = {
     domain,
     root,
     url,
+    extraSettings ? {},
   }: {
     name = "${domain}";
     value = {
       path = "${root}";
       uri = "${url}";
+      inherit extraSettings;
     };
   };
 
diff --git a/system/services/nginx/hosts.nix b/system/services/nginx/hosts.nix
index 5d27af7..0f6c09e 100644
--- a/system/services/nginx/hosts.nix
+++ b/system/services/nginx/hosts.nix
@@ -1,4 +1,14 @@
-{...}: [
+{...}: let
+  extraWkdSettings = {
+    locations."/.well-known/openpgpkey/hu/".extraConfig = ''
+      default_type application/octet-stream;
+
+      # Came from: https://www.uriports.com/blog/setting-up-openpgp-web-key-directory/
+      # No idea if it is actually necessary
+      # add_header Access-Control-Allow-Origin * always;
+    '';
+  };
+in [
   {
     domain = "vhack.eu";
     root = "/etc/nginx/websites/vhack.eu";
@@ -9,4 +19,18 @@
     root = "/etc/nginx/websites/b-peetz.de";
     url = "https://codeberg.org/bpeetz/b-peetz.de.git";
   }
+
+  # WKD
+  {
+    domain = "openpgpkey.b-peetz.de";
+    root = "/etc/nginx/websites/openpgpkey.b-peetz.de";
+    url = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
+  {
+    domain = "openpgpkey.vhack.eu";
+    root = "/etc/nginx/websites/openpgpkey.vhack.eu";
+    url = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
 ]