{pkgs, lib, ...}: let
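# Render the shell command that copies `file` into the build output as `name`.
#
# name: file name to create directly under $out.
# file: path literal or derivation; it is interpolated as-is so that a path
#       literal is imported into the Nix store and the command refers to the
#       resulting store path.
#
# The destination is shell-quoted so that a name containing whitespace or
# shell metacharacters cannot split or alter the generated command.
mkFileCopy = name: file: "cp ${file} \"$out\"/${lib.escapeShellArg name}";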
# Build a store directory named "well-known" holding one copy of every entry
# in `files` (attribute name -> file to copy, as consumed by mkFileCopy).
#
# Everything placed here ends up in the Nix store, which is readable by every
# local user, so only material that is meant to be public belongs in `files`.
mkWellKnownDir = files: let
  copyCommands = lib.mapAttrsToList mkFileCopy files;
in
  pkgs.runCommand "well-known" {} ''
    mkdir -p $out
    ${lib.concatStringsSep "\n" copyCommands}
  '';
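# Build the nginx virtual-host settings that serve `files` under /.well-known/.
#
# files: attribute set of file name -> file, handed to mkWellKnownDir.
#
# TLS: every host built from this helper reuses the certificate of the
# "gaze.systems" ACME host, so that certificate has to cover each host name
# that uses it (NOTE(review): confirm the extra names or wildcard are
# configured where the certificate is defined). forceSSL redirects plain HTTP
# to HTTPS.
mkWellKnownCfg = files: {
  useACMEHost = "gaze.systems";
  forceSSL = true;
  # default_type replaces the former `add_header content-type text/plain`.
  # add_header cannot override the Content-Type nginx derives itself; it only
  # appends a second, conflicting header. With default_type, extensionless
  # files such as atproto-did are served as text/plain, while files with a
  # known extension keep their mapped type (did.json -> application/json,
  # assuming the stock mime.types include is active).
  #
  # nginx inherits add_header directives from the server/http level only when
  # the location declares none of its own. Because of the CORS header below,
  # any security headers set at an outer level (for example HSTS) are not sent
  # for this location unless they are repeated here.
  #
  # The wildcard CORS origin lets any site read these files from a browser;
  # that is only appropriate because the directory holds public identity
  # documents and nothing credential-dependent.
  locations."/.well-known/".extraConfig = ''
    default_type text/plain;
    add_header access-control-allow-origin *;
    alias ${mkWellKnownDir files}/;
  '';
};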
# Build the virtual-host entry for a did:web identity hosted at `domain`.
#
# Returns a one-attribute set keyed by `domain`, serving:
#   /.well-known/did.json    - the file secrets/<domain>.did
#   /.well-known/atproto-did - the literal text "did:web:<domain>"
#
# NOTE(review): did.json is read from the repository's secrets/ directory but
# is then copied into the world-readable Nix store and served publicly with a
# wildcard CORS header. Confirm the .did file contains only the public DID
# document and never private key material.
mkDidWebCfg = domain: let
  didDocument = ../../../secrets/${domain}.did;
  atprotoDid = pkgs.writeText "server" "did:web:${domain}";
in {
  ${domain} = mkWellKnownCfg {
    "did.json" = didDocument;
    "atproto-did" = atprotoDid;
  };
};
in {
  # The apex host publishes only its atproto DID; each did:web host is added
  # on top of it. The merge uses `//`, which is shallow: a later host with the
  # same name would replace the earlier definition wholesale rather than being
  # combined with it.
  services.nginx.virtualHosts =
    lib.foldl' (hosts: domain: hosts // mkDidWebCfg domain)
    {
      "gaze.systems" = mkWellKnownCfg {
        "atproto-did" = pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
      };
    }
    ["dawn.gaze.systems" "guestbook.gaze.systems"];
}