ctucx.git: nixfiles

ctucx' nixfiles

commit 5691f3de19623e2fef5e5bcfed4ddedbc72f34ca
parent 9f42f615e7d24633c2cfd4490fa59b3172ab693d
Author: Katja (ctucx) <git@ctu.cx>
Date: Thu, 20 Mar 2025 15:43:29 +0100

configurations/nixos/websites: add `oeffi.katja.wtf`

1 file changed, 92 insertions(+), 0 deletions(-)
A
configurations/nixos/websites/oeffi.katja.wtf.nix
|
92
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/configurations/nixos/websites/oeffi.katja.wtf.nix b/configurations/nixos/websites/oeffi.katja.wtf.nix
@@ -0,0 +1,92 @@
+{ config, pkgs, lib, ... }:
+
+{
+
+  dns.zones."katja.wtf".subdomains.oeffi.CNAME = [ "${config.networking.fqdn}." ];
+
+  services.nginx = {
+    enable = true;
+    appendHttpConfig = ''
+      map $vendotarget $vendopath {
+        default    no;
+        locations  '/mob/location/search';
+        location   '/mob/location/details';
+        journeys   '/mob/angebote/fahrplan';
+        journey    '/mob/angebote/recon';
+        departures '/mob/bahnhofstafel/abfahrt';
+        trip       '/mob/zuglauf';
+      }
+
+      map $hafastarget $hafasurl {
+        default no;
+        nahsh   nah.sh.hafas.de;
+        rmv     www.rmv.de;
+        bvg     bvg-apps-ext.hafas.de;
+        oebb    fahrplan.oebb.at;
+      }
+
+      map $hafastarget $hafaspath {
+        default no;
+        nahsh   '/bin/mgate.exe';
+        rmv     '/auskunft/bin/jp/mgate.exe';
+        bvg     '/bin/mgate.exe';
+        oebb    '/bin/mgate.exe';
+      }
+    '';
+
+    virtualHosts."oeffi.katja.wtf" = {
+      useACMEHost = "${config.networking.fqdn}";
+      forceSSL    = true;
+      kTLS        = true;
+      root        = pkgs.trainsearch;
+      extraConfig = ''
+        merge_slashes off;
+        large_client_header_buffers 4 16k;
+      '';
+
+      locations."/db/vehicle-sequence".extraConfig = ''
+        proxy_ssl_server_name on;
+        proxy_ssl_name        www.bahn.de;
+        proxy_set_header      Host www.bahn.de;
+        proxy_hide_header     Cookie;
+        proxy_pass            https://www.bahn.de/web/api/reisebegleitung/wagenreihung/vehicle-sequence$is_args$args;
+      '';
+
+
+      locations."~ ^/db/vendo/(?<vendotarget>[a-z]+)(/([^\\r\\n].*))?$".extraConfig = ''
+        if ($vendopath = no) {
+          return 400;
+        }
+
+        if ($vendotarget = 'trip') {
+          set $vendopath '$vendopath$2';
+        }
+
+        if ($vendotarget = 'location') {
+          set $vendopath '$vendopath$2';
+        }
+
+        set $vendodomain 'app.vendo.noncd.db.de';
+
+        proxy_ssl_server_name on;
+        proxy_ssl_name        $vendodomain;
+        proxy_set_header      Host $vendodomain;
+        proxy_hide_header     Cookie;
+        proxy_pass            https://$vendodomain$vendopath;
+      '';
+
+      locations."~ ^/hafas/(?<hafastarget>.*)$".extraConfig = ''
+        if ($hafasurl = no) {
+          return 400;
+        }
+
+        proxy_ssl_server_name on;
+        proxy_ssl_name        $hafasurl;
+        proxy_set_header      Host $hafasurl;
+        proxy_hide_header     Cookie;
+        proxy_pass            https://$hafasurl$hafaspath;
+      '';
+    };
+  };
+
+}