simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity
nixos-config/machines/renge/services/sbruder.xyz/blocks.nix
Simon Bruder 10b8d432d5
Relicense 
This applies the REUSE specification to the repository, so the licensing
information can be tracked for every file individually.
2024-01-13 14:39:22 +01:00

64 lines
2.4 KiB
Nix
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# SPDX-FileCopyrightText: 2023 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
# I dont do this, because I want to.
# I think I might have to do this because of § 8.2 of Hetzners ToS.
{ config, lib, ... }:
let
serviceBlocks = {
nitter = [
{ path = "/ks1v/status/1439866313476689924"; report = "2023-04-21-Hetzner-C591581F-ROSKOMNADZOR.txt"; }
];
iv = [
{ video = "NR57D2UVqm4"; report = "2023-04-28-Hetzner-C633C02D-ROSKOMNADZOR.txt"; }
];
libreddit = [
];
};
in
{
services.nginx.virtualHosts = lib.mapAttrs'
(domain: blocks: lib.nameValuePair "${domain}.sbruder.xyz" {
locations = lib.listToAttrs
(map
(block:
let
# workaround for nginx dropping parent headers
# see https://github.com/yandex/gixy/blob/master/docs/en/plugins/addheaderredefinition.md
parentHeaders = lib.concatStringsSep "\n" (lib.filter
(lib.hasPrefix "add_header ")
(lib.splitString "\n" config.services.nginx.commonHttpConfig));
transparency_url = "https://sbruder.xyz/transparency/${block.report}";
return_statement = ''
${parentHeaders}
add_header Link "<${transparency_url}>; rel=blocked-by" always;
add_header Content-Type text/html always;
return 451 '<html><head><title>451 Unavailable For Legal Reasons</title></head><body><center><h1>451 Unavailable For Legal Reasons</h1><p><a href="${transparency_url}">Transparency</a></p></center><hr><center>nginx</center></body></html>';
'';
path =
if block ? "path"
then block.path
else
(if block ? "video"
then "/" # not pretty, but I dont know how to do this differently
else throw "invalid block");
location_block =
if block ? "video"
then {
extraConfig = ''
if ($arg_v = ${block.video}) {
${return_statement}
}
'';
}
else { extraConfig = return_statement; };
in
lib.nameValuePair
path
location_block)
blocks);
})
serviceBlocks;
}
Reference in a new issue View git blame Copy permalink