diff options
Diffstat (limited to '')
| -rw-r--r-- | machines/nixos/x86_64-linux/argonath.nix | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix index fa7855c..f6ff166 100644 --- a/machines/nixos/x86_64-linux/argonath.nix +++ b/machines/nixos/x86_64-linux/argonath.nix @@ -2,8 +2,34 @@ config, lib, adminUser, + pkgs, ... }: +let + mkWebfinger = config: file: pkgs.writeTextDir file (lib.generators.toJSON { } config); + mkWebfingers = + { subject, ... }@config: + map (mkWebfinger config) [ + subject + (lib.escapeURL subject) + ]; + webfingerRoot = pkgs.symlinkJoin { + name = "felschr.com-webfinger"; + paths = lib.flatten ( + builtins.map mkWebfingers [ + { + subject = "acct:franck@fcuny.net"; + links = [ + { + rel = "http://openid.net/specs/connect/1.0/issuer"; + href = "https://auth.fcuny.net"; + } + ]; + } + ] + ); + }; +in { imports = [ ../../../profiles/acme.nix @@ -77,6 +103,17 @@ locations."/" = { proxyPass = "http://10.100.0.60:8070"; }; + locations."/.well-known/webfinger" = { + root = webfingerRoot; + extraConfig = '' + add_header Access-Control-Allow-Origin "*"; + default_type "application/jrd+json"; + types { application/jrd+json json; } + if ($arg_resource) { + rewrite ^(.*)$ /$arg_resource break; + } + ''; + }; }; }; }; |