ctucx.git: nixfiles

configurations/nixos: add `websites`

diff --git a/machines/briefkasten/websites/audiobooks.home.ctu.cx.nix b/configurations/nixos/websites/audiobooks.home.ctu.cx.nix

diff --git a/machines/hector/websites/bikemap.ctu.cx.nix b/configurations/nixos/websites/bikemap.ctu.cx.nix

diff --git a/machines/hector/websites/ctu.cx.nix b/configurations/nixos/websites/ctu.cx.nix

diff --git a/machines/wanderduene/websites/ip.ctu.cx.nix b/configurations/nixos/websites/ip.ctu.cx.nix

diff --git a/machines/briefkasten/websites/music.home.ctu.cx.nix b/configurations/nixos/websites/music.home.ctu.cx.nix

diff --git a/machines/hector/websites/photos.ctu.cx.nix b/configurations/nixos/websites/photos.ctu.cx.nix

diff --git a/machines/briefkasten/websites/storage.home.ctu.cx/default.nix b/configurations/nixos/websites/storage.home.ctu.cx/default.nix

diff --git a/machines/briefkasten/websites/storage.home.ctu.cx/web-root/index.html b/configurations/nixos/websites/storage.home.ctu.cx/web-root/index.html

diff --git a/machines/hector/websites/things.ctu.cx.nix b/configurations/nixos/websites/things.ctu.cx.nix

diff --git a/machines/briefkasten/default.nix b/machines/briefkasten/default.nix
@@ -12,6 +12,9 @@
     ctucxConfig.programs.yt-dlp
     ctucxConfig.programs.ocrmypdf
 
+    ctucxConfig.websites."music.home.ctu.cx"
+    ctucxConfig.websites."audiobooks.home.ctu.cx"
+
     # syncthing (and it's backup)
     ./syncthing.nix
 

@@ -23,8 +26,6 @@
     ./scanner-sftp.nix
 
     ./router
-
-    ./websites
   ];
 
   age.secrets = {

diff --git a/machines/briefkasten/websites/default.nix b/machines/briefkasten/websites/default.nix
@@ -1,12 +0,0 @@
-{ ... }:
-
-{
-
-  imports = [
-    ./music.home.ctu.cx.nix
-    ./audiobooks.home.ctu.cx.nix
-#    ./storage.home.ctu.cx
-  ];
-
-}
-

diff --git a/machines/hector/default.nix b/machines/hector/default.nix
@@ -8,6 +8,11 @@
     ctucxConfig.services.prometheus-exporters
     ctucxConfig.services.dns-server
 
+    ctucxConfig.websites."ctu.cx"
+    ctucxConfig.websites."things.ctu.cx"
+    ctucxConfig.websites."bikemap.ctu.cx"
+    ctucxConfig.websites."photos.ctu.cx"
+
     # monitoring
     ./prometheus.nix
     ./grafana

@@ -28,7 +33,6 @@
 
     ./syncthing.nix
 
-    ./websites
     ./grocy.nix
   ];
 

diff --git a/machines/hector/websites/default.nix b/machines/hector/websites/default.nix
@@ -1,13 +0,0 @@
-{ ... }:
-
-{
-
-  imports = [
-    ./ctu.cx.nix
-    ./things.ctu.cx.nix
-    ./bikemap.ctu.cx.nix
-    ./photos.ctu.cx.nix
-    ./oeffi.ctu.cx.nix
-  ];
-
-}

diff --git a/machines/hector/websites/oeffi.ctu.cx.nix b/machines/hector/websites/oeffi.ctu.cx.nix
@@ -1,59 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
-
-  dns.zones."ctu.cx".subdomains.oeffi.CNAME = [ "${config.networking.fqdn}." ];
-
-  services.nginx = {
-    enable = true;
-    appendHttpConfig = ''
-      map $phost $host_allowed {
-        default no;
-        www.bahn.de yes;
-        app.vendo.noncd.db.de yes;
-        nah.sh.hafas.de yes;
-        www.rmv.de yes;
-        vrn.hafas.de yes;
-        bvg-apps-ext.hafas.de yes;
-        fahrplan.oebb.at yes;
-      }
-
-    '';
-    virtualHosts."oeffi.ctu.cx" = {
-      enableACME  = true;
-      forceSSL    = true;
-      kTLS        = true;
-      root        = pkgs.trainsearch;
-      extraConfig = ''
-        merge_slashes off;
-      '';
-      locations."~ ^/(?<pscheme>https?://)(?<phost>[^/\\n\\r]+)(?<ppath>/.*)$".extraConfig = ''
-        if ($request_method = OPTIONS) {
-          more_set_headers "Access-Control-Allow-Headers: *";
-          more_set_headers "Access-Control-Allow-Origin: http://localhost:8080";
-          more_set_headers "Access-Control-Max-Age: 3600";
-          more_set_headers "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS";
-          add_header Content-Type text/plain;
-          add_header Content-Length 0;
-          return 204;
-        }
-
-        resolver 8.8.8.8;
-
-        if ($host_allowed != yes) {
-          return 400;
-        }
-
-        more_set_headers "Access-Control-Allow-Headers: *";
-        more_set_headers "Access-Control-Allow-Origin: http://localhost:8080";
-        more_set_headers "Access-Control-Max-Age: 3600";
-        more_set_headers "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS";
-
-        proxy_set_header Host $phost;
-        proxy_redirect ~^(https?://)([^/]+)(.*)$ $scheme://$http_host/$1$2$3;
-        proxy_pass $pscheme$phost$ppath$is_args$args;
-      '';
-    };
-  };
-
-}

diff --git a/machines/wanderduene/default.nix b/machines/wanderduene/default.nix
@@ -11,13 +11,13 @@
     ctucxConfig.services.prometheus-exporters
     ctucxConfig.services.dns-server
 
+    ctucxConfig.websites."ip.ctu.cx"
+
     ./rclone-restic-server.nix
 
     ./syncthing.nix
 
     ./dendrite.nix
-
-    ./websites
   ];
 
   documentation.nixos.enable = false;

diff --git a/machines/wanderduene/websites/default.nix b/machines/wanderduene/websites/default.nix
@@ -1,9 +0,0 @@
-{ ... }:
-
-{
-
-  imports = [
-    ./ip.ctu.cx.nix
-  ];
-
-}