gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore(access): refactor zone

Browse source
This commit is contained in:
arcnmx 2024-09-21 20:54:05 -07:00
parent 22c02adb41
commit 1a4ab08adc
2 changed files with 61 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

22
nixos/access/gensokyo.nix → nixos/access/gensokyo/default.nix
View file

@ -9,7 +9,6 @@
inherit (lib.strings) escapeRegex; inherit (lib.strings) escapeRegex;
inherit (gensokyo-zone.lib) domain; inherit (gensokyo-zone.lib) domain;
inherit (config.services) nginx; inherit (config.services) nginx;
minecraftBackups = "${config.kyuuto.dataDir}/minecraft/simplebackups";
in { in {
services.nginx.virtualHosts.gensokyoZone = { services.nginx.virtualHosts.gensokyoZone = {
serverName = domain; serverName = domain;
@ -25,20 +24,6 @@ in {
} }
]; ];
}; };
"/minecraft/backups" = {
root = pkgs.linkFarm "genso-minecraft-backups" [
{
name = "minecraft/backups";
path = minecraftBackups;
}
];
extraConfig = ''
gzip off;
autoindex on;
auth_basic "private";
auth_basic_user_file ${config.sops.secrets.access-web-htpasswd.path};
'';
};
"/.well-known/webfinger" = let "/.well-known/webfinger" = let
# https://www.rfc-editor.org/rfc/rfc7033#section-3.1 # https://www.rfc-editor.org/rfc/rfc7033#section-3.1
oidc = { oidc = {
@ -73,11 +58,4 @@ in {
}; };
}; };
}; };
systemd.services.nginx.serviceConfig.BindReadOnlyPaths = [
minecraftBackups
];
sops.secrets.access-web-htpasswd = {
sopsFile = mkDefault ../secrets/access.yaml;
owner = nginx.user;
};
} }

61
nixos/access/gensokyo/minecraft.nix Normal file
View file

@ -0,0 +1,61 @@
{
config,
gensokyo-zone,
lib,
pkgs,
...
}: let
inherit (lib.modules) mkMerge mkDefault;
inherit (gensokyo-zone.lib) domain;
inherit (config.services) nginx;
minecraftBackups = "${config.kyuuto.dataDir}/minecraft/simplebackups";
minecraftDownloads = "${config.kyuuto.shareDir}/projects/minecraft/public";
root = pkgs.linkFarm "genso-minecraft-backups" [
{
name = "minecraft/downloads";
path = minecraftDownloads;
}
{
name = "minecraft/backups";
path = minecraftBackups;
}
{
name = "minecraft/wiki/dummy";
path = "nope";
}
];
extraConfig = ''
gzip off;
autoindex on;
'';
authPrivate = ''
auth_basic "private";
auth_basic_user_file ${config.sops.secrets.access-web-htpasswd.path};
'';
in {
services.nginx.virtualHosts.gensokyoZone = {
locations = {
"/minecraft" = {
inherit root extraConfig;
};
"/minecraft/wiki" = {
return = "302 https://wiki.${domain}/minecraft/";
};
"/minecraft/backups" = {
inherit root;
extraConfig = mkMerge [
extraConfig
authPrivate
];
};
};
};
systemd.services.nginx.serviceConfig.BindReadOnlyPaths = [
minecraftBackups
minecraftDownloads
];
sops.secrets.access-web-htpasswd = {
sopsFile = mkDefault ../../secrets/access.yaml;
owner = nginx.user;
};
}