Diffstat (limited to '')
| -rw-r--r-- | machines/nixos/x86_64-linux/argonath.nix | 83 |
1 files changed, 1 insertions, 82 deletions
diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix index 63ff2c9..a67054a 100644 --- a/machines/nixos/x86_64-linux/argonath.nix +++ b/machines/nixos/x86_64-linux/argonath.nix @@ -2,34 +2,8 @@ config, lib, adminUser, - pkgs, ... }: -let - mkWebfinger = config: file: pkgs.writeTextDir file (lib.generators.toJSON { } config); - mkWebfingers = - { subject, ... }@config: - map (mkWebfinger config) [ - subject - (lib.escapeURL subject) - ]; - webfingerRoot = pkgs.symlinkJoin { - name = "felschr.com-webfinger"; - paths = lib.flatten ( - builtins.map mkWebfingers [ - { - subject = "acct:franck@fcuny.net"; - links = [ - { - rel = "http://openid.net/specs/connect/1.0/issuer"; - href = "https://auth.fcuny.net"; - } - ]; - } - ] - ); - }; -in { imports = [ ../../../profiles/acme.nix @@ -38,6 +12,7 @@ in ../../../profiles/disk/basic-vm.nix ../../../profiles/hardware/do-droplet.nix ../../../profiles/home-manager.nix + ../../../profiles/reverse-proxy.nix ../../../profiles/server.nix ]; 
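Review bot: The added import `../../../profiles/reverse-proxy.nix` becomes the only place this host's public exposure is defined, and nothing in the file says so. The same commit drops `networking.firewall.allowedTCPPorts = [ 80 443 ]` and the whole `services.nginx` block from the host, so the profile (not visible here) presumably has to open those ports and carry the four vhosts plus the `/.well-known/webfinger` location; it is worth evaluating the host's resulting firewall and nginx config before deploying. The removed vhosts proxied over plain HTTP to `10.100.0.60`, which looks like an address reached through the `wg0` interface this file still trusts, so if the profile keeps that upstream it silently depends on this host's WireGuard setup. I would put a comment on the import line, for example `# opens TCP 80/443; nginx vhosts proxy in cleartext to 10.100.0.60, reachable only over wg0`.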
@@ -68,62 +43,6 @@ in networking.firewall.trustedInterfaces = [ "wg0" ]; networking.firewall.allowedUDPPorts = [ 51871 ]; - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedTlsSettings = true; - virtualHosts = { - "code.fcuny.net" = { - enableACME = true; - acmeRoot = null; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.100.0.60"; - }; - }; - "auth.fcuny.net" = { - enableACME = true; - acmeRoot = null; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.100.0.60:9092"; - }; - }; - "reader.fcuny.net" = { - enableACME = true; - acmeRoot = null; - forceSSL = true; - locations."/".proxyPass = "http://10.100.0.60:8002"; - }; - "fcuny.net" = { - enableACME = true; - acmeRoot = null; - forceSSL = true; - locations."/" = { - proxyPass = "http://10.100.0.60:8070"; - }; - locations."/.well-known/webfinger" = { - root = webfingerRoot; - extraConfig = '' - add_header Access-Control-Allow-Origin "*"; - default_type "application/jrd+json"; - types { application/jrd+json json; } - if ($arg_resource) { - rewrite ^(.*)$ /$arg_resource break; - } - ''; - }; - }; - }; - }; - system.stateVersion = "25.05"; # Did you read the comment? home-manager = { |
