vm02117 is not the web server anymore

2025-01-27 14:23:45 +01:00 · 2025-01-27 14:23:45 +01:00 · d4e1760c70
commit d4e1760c70
parent f475b1f56c
3 changed files with 19 additions and 90 deletions
--- a/infra/README.org
+++ b/infra/README.org
@ -29,7 +29,7 @@ infrastructure.
 | Machine | Proxmox     | Description            | Deployment |
 |---------+-------------+------------------------+------------|
 | vm02116 | Procolix    | Forgejo                | ~git~      |
-| vm02117 | Procolix    | Web server             | ~web~      |
+| vm02117 | Procolix    | /unused/               | ~other~    |
 | vm02179 | Procolix    | /unused/               | ~other~    |
 | vm02186 | Procolix    | /unused/               | ~other~    |
 | vm02187 | Procolix    | Wiki                   | ~web~      |
--- a/infra/flake-part.nix
+++ b/infra/flake-part.nix
@ -51,24 +51,6 @@
      providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local;

      resources = {
-        vm02117 = {
-          type = providers.local.exec;
-          imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
-          ssh = {
-            host = "185.206.232.106";
-            opts = "";
-            hostPublicKey = self.keys.systems.vm02117;
-          };
-          nixpkgs = inputs.nixpkgs;
-          nixos.module = {
-            imports = [
-              ./vm02117
-              self.nixosModules.ageSecrets
-              { fediversity.hostPublicKey = self.keys.systems.vm02117; }
-            ];
-          };
-        };
-
        vm02187 = {
          type = providers.local.exec;
          imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
@ -95,6 +77,24 @@
      providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local;

      resources = {
+        vm02117 = {
+          type = providers.local.exec;
+          imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
+          ssh = {
+            host = "185.206.232.106";
+            opts = "";
+            hostPublicKey = self.keys.systems.vm02117;
+          };
+          nixpkgs = inputs.nixpkgs;
+          nixos.module = {
+            imports = [
+              ./vm02117
+              self.nixosModules.ageSecrets
+              { fediversity.hostPublicKey = self.keys.systems.vm02117; }
+            ];
+          };
+        };
+
        vm02179 = {
          type = providers.local.exec;
          imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
--- a/infra/vm02117/website.nix
+++ b/infra/vm02117/website.nix
@ -1,71 +0,0 @@
-{
-  services.nginx.enable = true;
-
-  services.nginx.virtualHosts."www.oid.foundation" = {
-    useACMEHost = "oid.foundation";
-    forceSSL = true;
-    globalRedirect = "oid.foundation";
-  };
-
-  services.nginx.virtualHosts."oid.foundation" = {
-    enableACME = true;
-    forceSSL = true;
-    root = "/var/www/oid.foundation";
-
-  };
-
-  services.nginx.virtualHosts."fediversity.eu" = {
-    useACMEHost = "www.fediversity.eu";
-    forceSSL = true;
-    globalRedirect = "www.fediversity.eu";
-    locations."/.well-known/matrix/client" = {
-      extraConfig = ''
-        return 200 '{"m.homeserver": {"base_url": "https://matrix.fediversity.eu", "public_baseurl": "https://matrix.fediversity.eu"}}';
-        default_type application/json;
-        add_header Access-Control-Allow-Origin "*";
-        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
-        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
-      '';
-    };
-    locations."/.well-known/matrix/server" = {
-      extraConfig = ''
-        return 200 '{"m.server": "matrix.fediversity.eu:443"}';
-        default_type application/json;
-        add_header Access-Control-Allow-Origin "*";
-        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
-        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
-      '';
-    };
-  };
-
-  services.nginx.virtualHosts."www.fediversity.eu" = {
-    enableACME = true;
-    forceSSL = true;
-    root = "${(import ../../website { }).build}";
-    locations."/.well-known/matrix/client" = {
-      extraConfig = ''
-        return 200 '{"m.homeserver": {"base_url": "https://matrix.fediversity.eu", "public_baseurl": "https://matrix.fediversity.eu"}}';
-        default_type application/json;
-        add_header Access-Control-Allow-Origin "*";
-        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
-        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
-      '';
-    };
-    locations."/.well-known/matrix/server" = {
-      extraConfig = ''
-        return 200 '{"m.server": "matrix.fediversity.eu:443"}';
-        default_type application/json;
-        add_header Access-Control-Allow-Origin "*";
-        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
-        add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
-      '';
-    };
-  };
-
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "beheer@procolix.com";
-    certs."www.fediversity.eu".extraDomainNames = [ "fediversity.eu" ];
-    certs."oid.foundation".extraDomainNames = [ "www.oid.foundation" ];
-  };
-}