ctucx.git: nixfiles

machines/wanderduene/websites: add `ip.ctu.cx`

diff --git a/machines/wanderduene/configuration.nix b/machines/wanderduene/configuration.nix
@@ -15,6 +15,7 @@
     ./3proxy.nix
 #    ./reverse-proxy-stasicontainer.nix
 
+    ./websites
   ] ++ (if nodes.briefkasten.config.networking.usePBBUplink != true then [
     ./reverse-proxy-briefkasten.nix
   ] else [ ]);

diff --git a/machines/wanderduene/websites/default.nix b/machines/wanderduene/websites/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+
+  imports = [
+    ./ip.ctu.cx.nix
+  ];
+
+}

diff --git a/machines/wanderduene/websites/ip.ctu.cx.nix b/machines/wanderduene/websites/ip.ctu.cx.nix
@@ -0,0 +1,79 @@
+{ pkgs, config, ... }:
+
+{
+
+  dns.zones."ctu.cx".subdomains."ip"       = (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
+  dns.zones."ctu.cx".subdomains."ip4".A    = [ (pkgs.dns.lib.combinators.a    config.networking.primaryIP4) ];
+  dns.zones."ctu.cx".subdomains."ip6".AAAA = [ (pkgs.dns.lib.combinators.aaaa config.networking.primaryIP) ];
+
+  services.nginx.virtualHosts."ip.${config.networking.domain}" = {
+    enableACME = true;
+    forceSSL   = true;
+    kTLS       = true;
+    locations."/" = {
+      extraConfig = "types { } default_type 'text/html; charset=utf-8';";
+      return      = ''200 '
+        <!DOCTYPE html>
+        <html>
+          <head>
+            <title>ip.${config.networking.domain}</title>
+          </head>
+          <body>
+            <h1>ip.${config.networking.domain}</h1>
+            <ul>
+              <li><span style="user-select: none;"><b>IPv6:</b> </span><span id="ip6">Loading...</span></li>
+              <li><span style="user-select: none;"><b>IPv4:</b> </span><span id="ip4">Loading...</span></li>
+            </ul>
+            <p>Use bash and curl: <code>curl ip{4,6}.${config.networking.domain}</code></p>
+            <p><small>Because any other "Whats my IP?"-tool sucks. <a href="https://git.clerie.de/clerie/ip.clerie.de">Host yourself :3</a></small></p>
+
+            <script>
+              window.addEventListener("DOMContentLoaded", (event) => {
+                [ "ip6", "ip4" ].forEach(async (ipVersion) => {
+                  try {
+                    const url      = "https://" + ipVersion + ".${config.networking.domain}/";
+                    const response = await fetch(url + ((/\?/).test(url) ? "&" : "?") + (new Date()).getTime());
+                    if(response.status != 200) {
+                      document.getElementById(ipVersion).innerText = "Error!";
+                    } else {
+                      document.getElementById(ipVersion).innerText = await response.text();
+                    }
+                  } catch {
+                    document.getElementById(ipVersion).innerText = "Error!";
+                  }
+                });
+              });
+            </script>
+          </body>
+        </html>'
+      '';
+    };
+  };
+
+  services.nginx.virtualHosts."ip4.${config.networking.domain}" = {
+    enableACME = true;
+    forceSSL   = true;
+    kTLS       = true;
+    locations."/" = {
+      return      = "200 '$remote_addr\n'";
+      extraConfig = ''
+        types { } default_type "text/plain; charset=utf-8";
+        add_header Access-Control-Allow-Origin *;
+      '';
+    };
+  };
+
+  services.nginx.virtualHosts."ip6.${config.networking.domain}" = {
+    enableACME = true;
+    forceSSL   = true;
+    kTLS       = true;
+    locations."/" = {
+      return      = "200 '$remote_addr\n'";
+      extraConfig = ''
+        types { } default_type "text/plain; charset=utf-8";
+        add_header Access-Control-Allow-Origin *;
+      '';
+    };
+  };
+  
+}+
\ No newline at end of file