stuebinm
5e7c46a4e9
this is just me procrastinating … (not tested, not deployed – we don't actually own i4f.de)
60 lines
1.5 KiB
Nix
60 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let
|
|
shortdomain = "i4f.de";
|
|
redirects = [
|
|
(short "d" "discuss.infra4future.de")
|
|
(short "m" "mattermost.infra4future.de")
|
|
(short "c" "cloud.infra4future.de")
|
|
(short "s" "survey.infra4future.de")
|
|
(short "g" "gitlab.infra4future.de")
|
|
];
|
|
|
|
|
|
short = name: target: {
|
|
inherit name target;
|
|
};
|
|
toVirtualHosts = {name, target, ...}: {
|
|
name = "${name}.${shortdomain}";
|
|
value = {
|
|
forceSSL = true;
|
|
useACMEHost = "*.i4f.de";
|
|
locations."/".return = "302 https://${target}$request_uri";
|
|
};
|
|
};
|
|
in
|
|
{
|
|
security.acme.certs."wildcard.i4f.de" = {
|
|
domain = "*.i4f.de";
|
|
dnsProvider = "cloudflare";
|
|
credentialsFile = "/persist/var/shortdomains/dns-secrents.env";
|
|
};
|
|
|
|
services.nginx.virtualHosts =
|
|
lib.listToAttrs (map toVirtualHosts redirects)
|
|
// {
|
|
${shortdomain} = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
root = pkgs.writeText "index.html" ''
|
|
<html lang="en">
|
|
<head>
|
|
<title>Infra4future shortlinks</title>
|
|
<meta charset="UTF-8">
|
|
</head>
|
|
<body><h1>Shortlinks for infra4future.de</h1>
|
|
${lib.strings.concatStrings
|
|
(map ({name, target,...}:
|
|
''
|
|
<p>
|
|
<a href="https://${target}">${name}.${shortdomain} → ${target}</a>
|
|
</p>
|
|
'')
|
|
redirects)
|
|
}
|
|
</body>
|
|
</html>
|
|
'';
|
|
};
|
|
};
|
|
}
|