From e18e720bb41cbc43645a9e77b1262dd3d08b4e71 Mon Sep 17 00:00:00 2001
From: Benedikt Peetz <benedikt.peetz@b-peetz.de>
Date: Tue, 4 Feb 2025 19:44:46 +0100
Subject: modules/nix-sync: Actually enable

This includes the obvious changes, ensuring that it follows our
current best-practices.
---
 hosts/by-name/server2/configuration.nix |  4 +++
 hosts/by-name/server2/websites.nix      | 48 +++++++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 hosts/by-name/server2/websites.nix

(limited to 'hosts')

diff --git a/hosts/by-name/server2/configuration.nix b/hosts/by-name/server2/configuration.nix
index 95f0ade..6909bdd 100644
--- a/hosts/by-name/server2/configuration.nix
+++ b/hosts/by-name/server2/configuration.nix
@@ -55,6 +55,10 @@
         "source.foss-syndicate.org" = "https://git.foss-syndicate.org/vhack.eu/nixos-server";
       };
     };
+    nix-sync = {
+      enable = true;
+      domains = import ./websites.nix {};
+    };
     nixconfig.enable = true;
     openssh.enable = true;
     persist = {
diff --git a/hosts/by-name/server2/websites.nix b/hosts/by-name/server2/websites.nix
new file mode 100644
index 0000000..57c4a6d
--- /dev/null
+++ b/hosts/by-name/server2/websites.nix
@@ -0,0 +1,48 @@
+{...}: let
+  extraWkdSettings = {
+    locations."/.well-known/openpgpkey/hu/".extraConfig = ''
+      default_type application/octet-stream;
+
+      # Came from: https://www.uriports.com/blog/setting-up-openpgp-web-key-directory/
+      # No idea if it is actually necessary
+      # add_header Access-Control-Allow-Origin * always;
+    '';
+  };
+in [
+  {
+    domain = "vhack.eu";
+    repositoryUrl = "https://codeberg.org/vhack.eu/website.git";
+  }
+  {
+    domain = "b-peetz.de";
+    repositoryUrl = "https://codeberg.org/bpeetz/b-peetz.de.git";
+  }
+
+  # Trinitrix
+  {
+    domain = "trinitrix.vhack.eu";
+    repositoryUrl = "https://codeberg.org/trinitrix/website.git";
+  }
+
+  # WKD
+  {
+    domain = "openpgpkey.b-peetz.de";
+    repositoryUrl = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
+  {
+    domain = "openpgpkey.s-schoeffel.de";
+    repositoryUrl = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
+  {
+    domain = "openpgpkey.sils.li";
+    repositoryUrl = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
+  {
+    domain = "openpgpkey.vhack.eu";
+    repositoryUrl = "https://codeberg.org/vhack.eu/gpg_wkd.git";
+    extraSettings = extraWkdSettings;
+  }
+]
-- 
cgit 1.4.1