about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--configuration.nix52
-rw-r--r--ipfs.nix51
2 files changed, 58 insertions, 45 deletions
diff --git a/configuration.nix b/configuration.nix
index c68d76b..9e00c0a 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -20,8 +20,9 @@ in {
   } "${config.services.nginx.virtualHosts.${domain}.root}/~";
 
   imports = [
-    ./vpsadminos.nix
+    ./ipfs.nix
     ./matrix.nix
+    ./vpsadminos.nix
   ];
 
   networking = {
@@ -46,18 +47,6 @@ in {
   security = {
     acme = {
       acceptTerms = true;
-      certs.${domain} = {
-        credentialsFile = pkgs.writeText "namesilo.env" ''
-          NAMESILO_API_KEY_FILE=/var/lib/acme/namesilo.key
-          NAMESILO_PROPAGATION_TIMEOUT=1800
-        '';
-        dnsProvider = "namesilo";
-        extraDomainNames = [
-          "*.ipfs.${domain}"
-          "*.ipns.${domain}"
-        ];
-        webroot = null;
-      };
       defaults.email = "mcsinyx@disroot.org";
     };
 
@@ -69,18 +58,6 @@ in {
   };
 
   services = {
-    ipfs = {
-      enable = true;
-      enableGC = true;
-      extraConfig.GateWay = {
-        NoFetch = true;
-        PublicGateways.${domain} = {
-          Paths =  [ "/ipfs" "/ipns" ];
-          UseSubdomains = true;
-        };
-      };
-    };
-
     molly-brown = {
       certPath = "${certs.directory}/cert.pem";
       docBase = "/var/lib/gemini/${domain}";
@@ -89,28 +66,13 @@ in {
       keyPath = "${certs.directory}/key.pem";
     };
 
-    nginx = let
-      ipfsGateway = "http://localhost:8080";
-      ipfsProxy = {
-        forceSSL = true;
-        locations."/".proxyPass = ipfsGateway;
-        useACMEHost = domain;
-      };
-    in {
+    nginx = {
       enable = true;
       recommendedProxySettings = true;
-      virtualHosts = {
-        "${domain}" = {
-          enableACME = true;
-          forceSSL = true;
-          locations = {
-            "/ipfs".proxyPass = ipfsGateway;
-            "/ipns".proxyPass = ipfsGateway;
-          };
-          root = "/var/lib/www/${domain}";
-        };
-        "*.ipfs.${domain}" = ipfsProxy;
-        "*.ipns.${domain}" = ipfsProxy;
+      virtualHosts.${domain} = {
+        enableACME = true;
+        forceSSL = true;
+        root = "/var/lib/www/${domain}";
       };
     };
 
diff --git a/ipfs.nix b/ipfs.nix
new file mode 100644
index 0000000..a2bf6a3
--- /dev/null
+++ b/ipfs.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, ... }:
+let domain = config.networking.domain;
+in {
+  security.acme.certs.${domain} = {
+    credentialsFile = pkgs.writeText "namesilo.env" ''
+      NAMESILO_API_KEY_FILE=/var/lib/acme/namesilo.key
+      NAMESILO_PROPAGATION_TIMEOUT=1800
+    '';
+    dnsProvider = "namesilo";
+    extraDomainNames = [
+      "*.ipfs.${domain}"
+      "*.ipns.${domain}"
+    ];
+    webroot = null;
+  };
+
+  services = {
+    ipfs = {
+      enable = true;
+      enableGC = true;
+      extraConfig.GateWay = {
+        NoFetch = true;
+        PublicGateways.${domain} = {
+          Paths =  [ "/ipfs" "/ipns" ];
+          UseSubdomains = true;
+        };
+      };
+    };
+
+    nginx.virtualHosts = let
+      ipfsGateway = "http://localhost:8080";
+      ipfsProxy = {
+        forceSSL = true;
+        locations."/".proxyPass = ipfsGateway;
+        useACMEHost = domain;
+      };
+    in {
+      "${domain}".locations = {
+        "/ipfs".proxyPass = ipfsGateway;
+        "/ipns".proxyPass = ipfsGateway;
+      };
+      "*.ipfs.${domain}" = ipfsProxy;
+      "*.ipns.${domain}" = ipfsProxy;
+      "ipwhl.${domain}" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/".proxyPass = ipfsGateway;
+      };
+    };
+  };
+}