feat: get proper 404

This is admittedly super hacky, because it uses an unused subdomain, invalid certs, and actually just directs somewhere that doesn't exist, but it kinda works, and going on a weird subdomain at least doesn't redirect to bitwarden.
2024-04-19 22:44:42 +02:00 · 2024-04-19 22:44:42 +02:00 · e4f8faf9d0
commit e4f8faf9d0
parent df67724405
6 changed files with 24 additions and 15 deletions
--- a/hosts/ami/404.nix
+++ b/hosts/ami/404.nix
@ -0,0 +1,17 @@
+{website, ...}: {
+  services.nginx = {
+    enable = true;
+
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    virtualHosts."404.buffet.sh" = {
+      default = true;
+      enableACME = true;
+      forceSSL = true;
+      root = "${website}/404.html";
+    };
+  };
+}
--- a/hosts/ami/acme.nix
+++ b/hosts/ami/acme.nix
@ -3,9 +3,6 @@ _: {
    acceptTerms = true;
    defaults.email = "acme@buffet.sh";
    certs."buffet.sh" = {
-      extraDomainNames = [
-        "bitwarden.buffet.sh"
-      ];
    };
  };
 }
--- a/hosts/ami/default.nix
+++ b/hosts/ami/default.nix
@ -9,6 +9,7 @@
    agenix.nixosModules.default
    disko.nixosModules.disko

+    ./404.nix
    ./acme.nix
    ./bitwarden.nix
    ./borg.nix
@ -19,7 +20,7 @@
    ../../users/maintainer
  ];

-  age.identityPaths = [ "/root/.ssh/id_agenix" ];
+  age.identityPaths = ["/root/.ssh/id_agenix"];

  users = {
    mutableUsers = false;
--- a/hosts/ami/forgejo.nix
+++ b/hosts/ami/forgejo.nix
@ -1,4 +1,4 @@
-{ pkgs, ...}: let
+{pkgs, ...}: let
  port = 3000;
 in {
  services = {
--- a/hosts/ami/website.nix
+++ b/hosts/ami/website.nix
@ -14,11 +14,5 @@
      forceSSL = true;
      root = "${website}";
    };
-
-    virtualHosts."unix.pics" = {
-      enableACME = true;
-      forceSSL = true;
-      root = "/var/lib/stuff/unix.pics";
-    };
  };
 }