lois/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity

vm02117 is not the web server anymore

Browse source
This commit is contained in:
Nicolas Jeannerod 2025-01-27 14:23:45 +01:00
parent f475b1f56c
commit d4e1760c70
Signed by untrusted user: Niols
GPG key ID: 35DB9EC8886E1CB8
3 changed files with 19 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
infra/README.org
View file

@ -29,7 +29,7 @@ infrastructure.
| Machine | Proxmox | Description | Deployment | | Machine | Proxmox | Description | Deployment |
|---------+-------------+------------------------+------------| |---------+-------------+------------------------+------------|
| vm02116 | Procolix | Forgejo | ~git~ | | vm02116 | Procolix | Forgejo | ~git~ |
| vm02117 | Procolix | Web server | ~web~ | | vm02117 | Procolix | /unused/ | ~other~ |
| vm02179 | Procolix | /unused/ | ~other~ | | vm02179 | Procolix | /unused/ | ~other~ |
| vm02186 | Procolix | /unused/ | ~other~ | | vm02186 | Procolix | /unused/ | ~other~ |
| vm02187 | Procolix | Wiki | ~web~ | | vm02187 | Procolix | Wiki | ~web~ |

36
infra/flake-part.nix
View file

@ -51,24 +51,6 @@
providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local; providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local;
resources = { resources = {
vm02117 = {
type = providers.local.exec;
imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
ssh = {
host = "185.206.232.106";
opts = "";
hostPublicKey = self.keys.systems.vm02117;
};
nixpkgs = inputs.nixpkgs;
nixos.module = {
imports = [
./vm02117
self.nixosModules.ageSecrets
{ fediversity.hostPublicKey = self.keys.systems.vm02117; }
];
};
};
vm02187 = { vm02187 = {
type = providers.local.exec; type = providers.local.exec;
imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
@ -95,6 +77,24 @@
providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local; providers.local = inputs.nixops4-nixos.modules.nixops4Provider.local;
resources = { resources = {
vm02117 = {
type = providers.local.exec;
imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
ssh = {
host = "185.206.232.106";
opts = "";
hostPublicKey = self.keys.systems.vm02117;
};
nixpkgs = inputs.nixpkgs;
nixos.module = {
imports = [
./vm02117
self.nixosModules.ageSecrets
{ fediversity.hostPublicKey = self.keys.systems.vm02117; }
];
};
};
vm02179 = { vm02179 = {
type = providers.local.exec; type = providers.local.exec;
imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];

71
infra/vm02117/website.nix
View file

@ -1,71 +0,0 @@
{
services.nginx.enable = true;
services.nginx.virtualHosts."www.oid.foundation" = {
useACMEHost = "oid.foundation";
forceSSL = true;
globalRedirect = "oid.foundation";
};
services.nginx.virtualHosts."oid.foundation" = {
enableACME = true;
forceSSL = true;
root = "/var/www/oid.foundation";
};
services.nginx.virtualHosts."fediversity.eu" = {
useACMEHost = "www.fediversity.eu";
forceSSL = true;
globalRedirect = "www.fediversity.eu";
locations."/.well-known/matrix/client" = {
extraConfig = ''
return 200 '{"m.homeserver": {"base_url": "https://matrix.fediversity.eu", "public_baseurl": "https://matrix.fediversity.eu"}}';
default_type application/json;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
'';
};
locations."/.well-known/matrix/server" = {
extraConfig = ''
return 200 '{"m.server": "matrix.fediversity.eu:443"}';
default_type application/json;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
'';
};
};
services.nginx.virtualHosts."www.fediversity.eu" = {
enableACME = true;
forceSSL = true;
root = "${(import ../../website { }).build}";
locations."/.well-known/matrix/client" = {
extraConfig = ''
return 200 '{"m.homeserver": {"base_url": "https://matrix.fediversity.eu", "public_baseurl": "https://matrix.fediversity.eu"}}';
default_type application/json;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
'';
};
locations."/.well-known/matrix/server" = {
extraConfig = ''
return 200 '{"m.server": "matrix.fediversity.eu:443"}';
default_type application/json;
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization";
'';
};
};
security.acme = {
acceptTerms = true;
defaults.email = "beheer@procolix.com";
certs."www.fediversity.eu".extraDomainNames = [ "fediversity.eu" ];
certs."oid.foundation".extraDomainNames = [ "www.oid.foundation" ];
};
}