1 files changed, 37 insertions, 0 deletions

diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix
index fa7855c..f6ff166 100644
--- a/machines/nixos/x86_64-linux/argonath.nix
+++ b/machines/nixos/x86_64-linux/argonath.nix
@@ -2,8 +2,34 @@
   config,
   lib,
   adminUser,
+  pkgs,
   ...
 }:
+let
+  mkWebfinger = config: file: pkgs.writeTextDir file (lib.generators.toJSON { } config);
+  mkWebfingers =
+    { subject, ... }@config:
+    map (mkWebfinger config) [
+      subject
+      (lib.escapeURL subject)
+    ];
+  webfingerRoot = pkgs.symlinkJoin {
+    name = "felschr.com-webfinger";
+    paths = lib.flatten (
+      builtins.map mkWebfingers [
+        {
+          subject = "acct:franck@fcuny.net";
+          links = [
+            {
+              rel = "http://openid.net/specs/connect/1.0/issuer";
+              href = "https://auth.fcuny.net";
+            }
+          ];
+        }
+      ]
+    );
+  };
+in
 {
   imports = [
     ../../../profiles/acme.nix
@@ -77,6 +103,17 @@
         locations."/" = {
           proxyPass = "http://10.100.0.60:8070";
         };
+        locations."/.well-known/webfinger" = {
+          root = webfingerRoot;
+          extraConfig = ''
+            add_header Access-Control-Allow-Origin "*";
+            default_type "application/jrd+json";
+            types { application/jrd+json json; }
+            if ($arg_resource) {
+              rewrite ^(.*)$ /$arg_resource break;
+            }
+          '';
+        };
       };
     };
   };