diff --git a/config/hosts/public-web-static/virtualHosts/default.nix b/config/hosts/public-web-static/virtualHosts/default.nix index e22165f..3678a96 100644 --- a/config/hosts/public-web-static/virtualHosts/default.nix +++ b/config/hosts/public-web-static/virtualHosts/default.nix @@ -9,5 +9,6 @@ ./spaceapi.hamburg.ccc.de.nix ./staging.hamburg.ccc.de.nix ./www.hamburg.ccc.de.nix + ./historic-easterhegg ]; } diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix new file mode 100644 index 0000000..f9805cf --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/default.nix @@ -0,0 +1,11 @@ +{...}: + +{ + imports = [ + ./eh03.nix + ./eh05.nix + ./eh07.nix + ./eh09.nix + ./eh11.nix + ]; +} \ No newline at end of file diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix new file mode 100644 index 0000000..60d4f21 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh03.nix @@ -0,0 +1,101 @@ +{ pkgs, ... }: + +let + eh03 = pkgs.fetchgit { + url = "https://git.hamburg.ccc.de/CCCHH/easterhegg-2003-website.git"; + rev = "74977c56486cd060566bf06678a936e801952f9e"; + hash = "sha256-ded/NO+Jex2Sa4yWAIRpqANsv8i0vKmJSkM5r9KxaVk="; + }; +in +{ + security.acme.certs."eh03.easterhegg.eu".extraDomainNames = [ + "eh2003.hamburg.ccc.de" + "www.eh2003.hamburg.ccc.de" + "easterhegg2003.hamburg.ccc.de" + "www.easterhegg2003.hamburg.ccc.de" + ]; + + services.nginx.virtualHosts = { + "acme-eh03.easterhegg.eu" = { + enableACME = true; + serverName = "eh03.easterhegg.eu"; + serverAliases = [ + "eh2003.hamburg.ccc.de" + "www.eh2003.hamburg.ccc.de" + "easterhegg2003.hamburg.ccc.de" + "www.easterhegg2003.hamburg.ccc.de" + ]; + listen = [{ + addr = "0.0.0.0"; + port = 31820; + }]; + }; + + "easterhegg2003.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "eh03.easterhegg.eu"; + serverAliases = [ + "eh2003.hamburg.ccc.de" + "www.eh2003.hamburg.ccc.de" + "www.easterhegg2003.hamburg.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://eh03.easterhegg.eu"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "eh03.easterhegg.eu" = { + forceSSL = true; + useACMEHost = "eh03.easterhegg.eu"; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/" = { + index = "index.html"; + root = eh03; + extraConfig = '' + # Set default_type to html + default_type text/html; + # Enable SSI + ssi on; + ''; + }; + + extraConfig = '' + set $chosen_lang "de"; + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + # Enable SSI + ssi on; + ''; + }; + }; +} diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix new file mode 100644 index 0000000..7651666 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh05.nix @@ -0,0 +1,100 @@ +{ pkgs, ... }: + +let + eh05 = pkgs.fetchgit { + url = "https://git.hamburg.ccc.de/CCCHH/easterhegg-2005-website.git"; + rev = "f1455aee35b6462ab5c46f3d52c47e0b200c1315"; + hash = "sha256-lA4fxO05K39nosSYNfKUtSCrK+dja1yWKILqRklSNy8="; + }; +in +{ + security.acme.certs."eh05.easterhegg.eu".extraDomainNames = [ + "eh2005.hamburg.ccc.de" + "www.eh2005.hamburg.ccc.de" + "easterhegg2005.hamburg.ccc.de" + "www.easterhegg2005.hamburg.ccc.de" + ]; + + services.nginx.virtualHosts = { + "acme-eh05.easterhegg.eu" = { + enableACME = true; + serverName = "eh05.easterhegg.eu"; + serverAliases = [ + "eh2005.hamburg.ccc.de" + "www.eh2005.hamburg.ccc.de" + "easterhegg2005.hamburg.ccc.de" + "www.easterhegg2005.hamburg.ccc.de" + ]; + listen = [{ + addr = "0.0.0.0"; + port = 31820; + }]; + }; + + "easterhegg2005.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "eh05.easterhegg.eu"; + serverAliases = [ + "eh2005.hamburg.ccc.de" + "www.eh2005.hamburg.ccc.de" + "www.easterhegg2005.hamburg.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://eh05.easterhegg.eu"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "eh05.easterhegg.eu" = { + forceSSL = true; + useACMEHost = "eh05.easterhegg.eu"; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/" = { + index = "index.shtml"; + root = eh05; + extraConfig = '' + # Set default_type to html + default_type text/html; + # Enable SSI + ssi on; + ''; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + # Enable SSI + ssi on; + ''; + }; + }; +} diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix new file mode 100644 index 0000000..40fe480 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh07.nix @@ -0,0 +1,106 @@ +{ pkgs, ... }: + +let + eh07 = pkgs.fetchgit { + url = "https://git.hamburg.ccc.de/CCCHH/easterhegg-2007-website.git"; + rev = "0bb06fd2654814ddda28469a1bf9e50a9814dd9a"; + hash = "sha256-jMpDxgxbL3ipG3HLJo0ISTdWfYYrd2EfwpmoiWV0qCM="; + }; +in +{ + security.acme.certs."eh07.easterhegg.eu".extraDomainNames = [ + "eh2007.hamburg.ccc.de" + "www.eh2007.hamburg.ccc.de" + "eh07.hamburg.ccc.de" + "www.eh07.hamburg.ccc.de" + "easterhegg2007.hamburg.ccc.de" + "www.easterhegg2007.hamburg.ccc.de" + ]; + + services.nginx.virtualHosts = { + "acme-eh07.easterhegg.eu" = { + enableACME = true; + serverName = "eh07.easterhegg.eu"; + serverAliases = [ + "eh2007.hamburg.ccc.de" + "www.eh2007.hamburg.ccc.de" + "eh07.hamburg.ccc.de" + "www.eh07.hamburg.ccc.de" + "easterhegg2007.hamburg.ccc.de" + "www.easterhegg2007.hamburg.ccc.de" + ]; + listen = [{ + addr = "0.0.0.0"; + port = 31820; + }]; + }; + + "easterhegg2007.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "eh07.easterhegg.eu"; + serverAliases = [ + "eh2007.hamburg.ccc.de" + "www.eh2007.hamburg.ccc.de" + "eh07.hamburg.ccc.de" + "www.eh07.hamburg.ccc.de" + "www.easterhegg2007.hamburg.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://eh07.easterhegg.eu"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "eh07.easterhegg.eu" = { + forceSSL = true; + useACMEHost = "eh07.easterhegg.eu"; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/" = { + index = "index.shtml"; + root = eh07; + extraConfig = '' + # Set default_type to html + default_type text/html; + # Enable SSI + ssi on; + ''; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + # Enable SSI + ssi on; + ''; + }; + }; +} diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix new file mode 100644 index 0000000..f7416ed --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh09.nix @@ -0,0 +1,105 @@ +{ pkgs, ... }: + +let + eh09 = pkgs.fetchgit { + url = "https://git.hamburg.ccc.de/CCCHH/easterhegg-2009-website.git"; + rev = "6d4a50c5ab23870072f0b33dd0171b0c56d6cab5"; + hash = "sha256-kPJOrKseJD/scRxhYFa249DT1cYmeCjnK50Bt0IJZK8="; + }; +in +{ + security.acme.certs."eh09.easterhegg.eu".extraDomainNames = [ + "eh2009.hamburg.ccc.de" + "www.eh2009.hamburg.ccc.de" + "eh09.hamburg.ccc.de" + "www.eh09.hamburg.ccc.de" + "easterhegg2009.hamburg.ccc.de" + "www.easterhegg2009.hamburg.ccc.de" + ]; + + services.nginx.virtualHosts = { + "acme-eh09.easterhegg.eu" = { + enableACME = true; + serverName = "eh09.easterhegg.eu"; + serverAliases = [ + "eh2009.hamburg.ccc.de" + "www.eh2009.hamburg.ccc.de" + "eh09.hamburg.ccc.de" + "www.eh09.hamburg.ccc.de" + "easterhegg2009.hamburg.ccc.de" + "www.easterhegg2009.hamburg.ccc.de" + ]; + listen = [{ + addr = "0.0.0.0"; + port = 31820; + }]; + }; + + "easterhegg2009.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "eh09.easterhegg.eu"; + serverAliases = [ + "eh2009.hamburg.ccc.de" + "www.eh2009.hamburg.ccc.de" + "eh09.hamburg.ccc.de" + "www.eh09.hamburg.ccc.de" + "www.easterhegg2009.hamburg.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://eh09.easterhegg.eu"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "eh09.easterhegg.eu" = { + forceSSL = true; + useACMEHost = "eh09.easterhegg.eu"; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/" = { + index = "index.shtml"; + root = eh09; + extraConfig = '' + # Set default_type to html + default_type text/html; + # Enable SSI + ssi on; + ''; + }; + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + # Enable SSI + ssi on; + ''; + }; + }; +} diff --git a/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix new file mode 100644 index 0000000..c409641 --- /dev/null +++ b/config/hosts/public-web-static/virtualHosts/historic-easterhegg/eh11.nix @@ -0,0 +1,106 @@ +{ pkgs, ... }: + +let + eh11 = pkgs.fetchgit { + url = "https://git.hamburg.ccc.de/CCCHH/easterhegg-2011-website.git"; + rev = "c20540af71d4a0bd1fa12f49962b92d04293415b"; + hash = "sha256-9hhtfU8fp2HOThcyQ4R7kuGQBjZktqMtiiYQhOas2QA="; + }; +in +{ + security.acme.certs."eh11.easterhegg.eu".extraDomainNames = [ + "eh2011.hamburg.ccc.de" + "www.eh2011.hamburg.ccc.de" + "eh11.hamburg.ccc.de" + "www.eh11.hamburg.ccc.de" + "easterhegg2011.hamburg.ccc.de" + "www.easterhegg2011.hamburg.ccc.de" + ]; + + services.nginx.virtualHosts = { + "acme-eh11.easterhegg.eu" = { + enableACME = true; + serverName = "eh11.easterhegg.eu"; + serverAliases = [ + "eh2011.hamburg.ccc.de" + "www.eh2011.hamburg.ccc.de" + "eh11.hamburg.ccc.de" + "www.eh11.hamburg.ccc.de" + "easterhegg2011.hamburg.ccc.de" + "www.easterhegg2011.hamburg.ccc.de" + ]; + listen = [{ + addr = "0.0.0.0"; + port = 31820; + }]; + }; + + "easterhegg2011.hamburg.ccc.de" = { + forceSSL = true; + useACMEHost = "eh11.easterhegg.eu"; + serverAliases = [ + "eh2011.hamburg.ccc.de" + "www.eh2011.hamburg.ccc.de" + "eh11.hamburg.ccc.de" + "www.eh11.hamburg.ccc.de" + "www.easterhegg2011.hamburg.ccc.de" + ]; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/".return = "302 https://eh11.easterhegg.eu"; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + ''; + }; + + "eh11.easterhegg.eu" = { + forceSSL = true; + useACMEHost = "eh11.easterhegg.eu"; + + listen = [{ + addr = "0.0.0.0"; + port = 8443; + ssl = true; + proxyProtocol = true; + }]; + + locations."/" = { + index = "index.shtml"; + root = eh11; + extraConfig = '' + # Set default_type to html + default_type text/html; + # Enable SSI + ssi on; + ''; + }; + + extraConfig = '' + # Make use of the ngx_http_realip_module to set the $remote_addr and + # $remote_port to the client address and client port, when using proxy + # protocol. + # First set our proxy protocol proxy as trusted. + set_real_ip_from 172.31.17.140; + # Then tell the realip_module to get the addreses from the proxy protocol + # header. + real_ip_header proxy_protocol; + # Enable SSI + ssi on; + ''; + }; + }; +}