configure diday.org on public-static-web

config/hosts/public-web-static/virtualHosts/default.nix

@@ -19,7 +19,7 @@
     ./staging.hamburg.ccc.de.nix
     ./www.hamburg.ccc.de.nix
     ./staging.did.hamburg.ccc.de.nix
-    ./did.hamburg.ccc.de.nix
+    ./diday.org.nix
     ./historic-easterhegg
   ];
 }

config/hosts/public-web-static/virtualHosts/diday.org.nix

@@ -1,12 +1,14 @@
 { ... }:
 
 let
-  domain = "did.hamburg.ccc.de";
+  domain = "diday.org";
   dataDir = "/var/www/${domain}";
   deployUser = "diday-website-deploy";
 in
 {
-  # security.acme.certs."${domain}".extraDomainNames = [];
+  security.acme.certs."${domain}".extraDomainNames = [
+    "did.hamburg.ccc.de"
+  ];
 
   services.nginx.virtualHosts = {
     "acme-${domain}" = {
@@ -21,6 +23,24 @@ in
       ];
     };
 
+    "did.hamburg.ccc.de" = {
+      forceSSL = true;
+      useACMEHost = "${domain}";
+
+      listen = [
+        {
+          addr = "0.0.0.0";
+          port = 8443;
+          ssl = true;
+          proxyProtocol = true;
+        }
+      ];
+
+      extraConfig = ''
+        return 301 https://diday.org;
+      '';
+    };
+
     "${domain}" = {
       forceSSL = true;
       useACMEHost = "${domain}";