1 files changed, 49 insertions, 40 deletions

diff --git a/Biz/Cloud/Web.nix b/Biz/Cloud/Web.nix
index f97f6e0..b54e108 100644
--- a/Biz/Cloud/Web.nix
+++ b/Biz/Cloud/Web.nix
@@ -3,9 +3,8 @@
 let
   rootDomain = config.networking.domain;
   ports = import ./Ports.nix;
-in
-{
-  imports = [  ./Gmnisrv.nix ];
+in {
+  imports = [ ./Gmnisrv.nix ];
   networking.firewall = {
     allowedTCPPorts = [
       ports.ssh
@@ -86,9 +85,7 @@ in
       listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}";
       settings = {
         ":tls" = { store = "/var/lib/gmnisrv"; };
-        "bsima.me" = {
-          "root" = "/var/web/ben";
-        };
+        "bsima.me" = { "root" = "/var/web/ben"; };
         "${rootDomain}" = {
           "root" = "/var/web/simatime.com";
           "cgi" = "on";
@@ -116,7 +113,12 @@ in
             # redirect '/git' to '/git/'
             "/git".return = "301 https://$host/git/";
             # nostr nip-5 verification
-            "/.well-known/nostr.json".return = "200 '${builtins.toJSON { names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";}}'";
+            "/.well-known/nostr.json".return = "200 '${
+                builtins.toJSON {
+                  names.bensima =
+                    "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";
+                }
+              }'";
             # disabled for nixpert test
             "/" = {
               root = "/var/web/simatime.com";
@@ -149,19 +151,22 @@ in
         };
 
         "hoogle.${rootDomain}" = {
-          locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.hoogle}";
+          locations."/".proxyPass =
+            "http://${ports.bensIp}:${toString ports.hoogle}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
 
         "tv.${rootDomain}" = {
-          locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.jellyfin}";
+          locations."/".proxyPass =
+            "http://${ports.bensIp}:${toString ports.jellyfin}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
 
         "cal.${rootDomain}" = {
-          locations."/".proxyPass = "http://localhost:${toString ports.radicale}";
+          locations."/".proxyPass =
+            "http://localhost:${toString ports.radicale}";
           forceSSL = true;
           useACMEHost = rootDomain;
           extraConfig = ''
@@ -173,7 +178,8 @@ in
         };
 
         "reddit.${rootDomain}" = {
-          locations."/".proxyPass = "http://localhost:${toString ports.libreddit}";
+          locations."/".proxyPass =
+            "http://localhost:${toString ports.libreddit}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
@@ -189,7 +195,8 @@ in
         };
 
         "youtube.${rootDomain}" = {
-          locations."/".proxyPass = "http://localhost:${toString ports.invidious}";
+          locations."/".proxyPass =
+            "http://localhost:${toString ports.invidious}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
@@ -205,13 +212,15 @@ in
         };
 
         "dragons.dev" = {
-          locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dragons}";
+          locations."/".proxyPass =
+            "http://${ports.bensIp}:${toString ports.dragons}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
 
         "dandel-rovbur.${rootDomain}" = {
-          locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dandel-rovbur}";
+          locations."/".proxyPass =
+            "http://${ports.bensIp}:${toString ports.dandel-rovbur}";
           forceSSL = true;
           useACMEHost = rootDomain;
         };
@@ -226,7 +235,8 @@ in
           forceSSL = true;
           useACMEHost = rootDomain;
           locations."/" = {
-            proxyPass = "http://${ports.bensIp}:${toString ports.stableDiffusion}";
+            proxyPass =
+              "http://${ports.bensIp}:${toString ports.stableDiffusion}";
             proxyWebsockets = true;
           };
         };
@@ -234,7 +244,8 @@ in
         "music.${rootDomain}" = {
           forceSSL = true;
           useACMEHost = rootDomain;
-          locations."/".proxyPass = "http://localhost:${toString ports.botamusique}";
+          locations."/".proxyPass =
+            "http://localhost:${toString ports.botamusique}";
         };
 
         "nostr.${rootDomain}" = {
@@ -275,28 +286,26 @@ in
   };
 
   # This must contain all of the other domains we host
-  security.acme.certs.${rootDomain}.extraDomainNames = [
-    "bsima.me" "www.bsima.me"
-    "dragons.dev"
-    "nixpert.chat"
-  ] ++ map (sub: "${sub}.${rootDomain}") [
-    "music"
-    "tv"
-    "matrix"
-    "chat"
-    "hoogle"
-    "dandel-rovbur"
-    "sabten"
-    "cal"
-    "notebook"
-    "nostr"
-    "reddit"
-    "old.reddit"
-    "www.reddit"
-    "youtube"
-    "www.youtube"
-    "m.youtube"
-    "sd"
-    "gerrit"
-  ];
+  security.acme.certs.${rootDomain}.extraDomainNames =
+    [ "bsima.me" "www.bsima.me" "dragons.dev" "nixpert.chat" ]
+    ++ map (sub: "${sub}.${rootDomain}") [
+      "music"
+      "tv"
+      "matrix"
+      "chat"
+      "hoogle"
+      "dandel-rovbur"
+      "sabten"
+      "cal"
+      "notebook"
+      "nostr"
+      "reddit"
+      "old.reddit"
+      "www.reddit"
+      "youtube"
+      "www.youtube"
+      "m.youtube"
+      "sd"
+      "gerrit"
+    ];
 }