feat: add guestbook did

2025-02-07 07:28:24 +09:00 · 2025-02-07 07:28:24 +09:00 · 217fe05d81
commit 217fe05d81
parent cb13ca766d
4 changed files with 47 additions and 26 deletions
--- a/hosts/wolumonde/modules/atproto.nix
+++ b/hosts/wolumonde/modules/atproto.nix
@ -1,35 +1,29 @@
-{pkgs, ...}: let
-in {
-  services.nginx.virtualHosts."gaze.systems" = let
-    _wellKnownFile =
-      pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
-    wellKnownDir = pkgs.runCommand "well-known" {} ''
-      mkdir -p $out
-      cp ${_wellKnownFile} $out/atproto-did
+{pkgs, lib, ...}: let
+  mkFileCopy = name: file: "cp ${file} $out/${name}";
+  mkWellKnownDir = files: pkgs.runCommand "well-known" {} ''
+    mkdir -p $out
+    ${lib.concatStringsSep "\n" (lib.mapAttrsToList mkFileCopy files)}
  '';
-  in {
-    locations."/.well-known/".extraConfig = ''
-      add_header content-type text/plain;
-      add_header access-control-allow-origin *;
-      alias ${wellKnownDir}/;
-    '';
-  };
-  services.nginx.virtualHosts."dawn.gaze.systems" = let
-    _atprotoDidFile =
-      pkgs.writeText "server" "did:web:dawn.gaze.systems";
-    _didFile = ../../../secrets/dawn.did;
-    wellKnownDir = pkgs.runCommand "well-known" {} ''
-      mkdir -p $out
-      cp ${_didFile} $out/did.json
-      cp ${_atprotoDidFile} $out/atproto-did
-  '';
-  in {
+  mkWellKnownCfg = files: {
    useACMEHost = "gaze.systems";
    forceSSL = true;
    locations."/.well-known/".extraConfig = ''
      add_header content-type text/plain;
      add_header access-control-allow-origin *;
-      alias ${wellKnownDir}/;
+      alias ${mkWellKnownDir files}/;
    '';
  };
+  mkDidWebCfg = domain: {
+    "${domain}" = mkWellKnownCfg {
+      "did.json" = ../../../secrets/${domain}.did;
+      "atproto-did" = pkgs.writeText "server" "did:web:${domain}";
+    };
+  };
+in {
+  services.nginx.virtualHosts = {
+    "gaze.systems" = mkWellKnownCfg {
+      "atproto-did" = pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
+    };
+  } // (mkDidWebCfg "dawn.gaze.systems")
+  // (mkDidWebCfg "guestbook.gaze.systems");
 }
--- a/hosts/wolumonde/modules/nginx.nix
+++ b/hosts/wolumonde/modules/nginx.nix
@ -24,6 +24,7 @@
        "limbus.gaze.systems"
        # "bsky.gaze.systems"
        "dawn.gaze.systems"
+        "guestbook.gaze.systems"
      ];
    };
  };
--- a/secrets/dawn.gaze.systems.did
+++ b/secrets/dawn.gaze.systems.did
--- a/secrets/guestbook.gaze.systems.did
+++ b/secrets/guestbook.gaze.systems.did
@ -0,0 +1,26 @@
+{
+  "@context": [
+    "https://www.w3.org/ns/did/v1",
+    "https://w3id.org/security/multikey/v1",
+    "https://w3id.org/security/suites/secp256k1-2019/v1"
+  ],
+  "id": "did:web:guestbook.gaze.systems",
+  "alsoKnownAs": [
+    "at://guestbook.gaze.systems"
+  ],
+  "verificationMethod": [
+    {
+      "id": "did:web:guestbook.gaze.systems#atproto",
+      "type": "Multikey",
+      "controller": "did:web:guestbook.gaze.systems",
+      "publicKeyMultibase": "zQ3shSiLsnqpyQ4SfDTT1D8qzFEoeYT8rSDXW6o8pVY7VcRBJ"
+    }
+  ],
+  "service": [
+    {
+      "id": "#atproto_pds",
+      "type": "AtprotoPersonalDataServer",
+      "serviceEndpoint": "https://gaze.systems"
+    }
+  ]
+}