From 68aa9ba9233a24007cce1e2541a08f8960c339c8 Mon Sep 17 00:00:00 2001
From: Nydragon
Date: Wed, 2 Oct 2024 14:05:06 +0200
Subject: [PATCH] chore(nginx): move mkVHost to lib
---
 home/terminal/ssh/default.nix | 2 +-
 hosts/raptus/configuration.nix | 35 ++++++++++++----------------------
 parts/lib/functions.nix | 17 +++++++++++++++++
 3 files changed, 30 insertions(+), 24 deletions(-)
diff --git a/home/terminal/ssh/default.nix b/home/terminal/ssh/default.nix
index b9467b6..f70090c 100644
--- a/home/terminal/ssh/default.nix
+++ b/home/terminal/ssh/default.nix
@@ -18,7 +18,7 @@ mkIf config.programs.ssh.enable {
 };
 raptus = {
 hostname = "vps.ccnlc.eu";
- user = "root";
+ user = "ny";
 port = 56528;
 };
 #shan = {
diff --git a/hosts/raptus/configuration.nix b/hosts/raptus/configuration.nix
index 87e33d9..0324290 100644
--- a/hosts/raptus/configuration.nix
+++ b/hosts/raptus/configuration.nix
@@ -6,6 +6,9 @@
 pubkeys,
 ...
 }:
+let
+ inherit (lib.my) mkVHost;
+in
 {
 imports = [
 (modulesPath + "/profiles/qemu-guest.nix")
@@ -15,8 +18,7 @@
 ./forgejo
 ./obsidian-livesync
 ./headscale.nix
- ../../modules/nix
- ../../modules/users/ny.nix
+ ../../modules
 ];
 age.secrets = {
@@ -50,26 +52,10 @@
 recommendedProxySettings = true;
 recommendedTlsSettings = true;
 clientMaxBodySize = "50M";
- virtualHosts =
- let
- mkVHost = name: port: {
- inherit name;
- value = {
- enableACME = true;
- forceSSL = true;
- locations."/" = {
- proxyPass = "http://127.0.0.1:${toString port}";
- extraConfig = ''
- proxy_ssl_server_name on;
- proxy_pass_header Authorization;'';
- };
- };
- };
- in
- builtins.listToAttrs [
- (mkVHost "rusty.ccnlc.eu" 8000)
- (mkVHost "git.ccnlc.eu" 3000)
- ];
+ virtualHosts = builtins.listToAttrs [
+ (mkVHost "rusty.ccnlc.eu" 8000 true)
+ (mkVHost "git.ccnlc.eu" 3000 true)
+ ];
 };
 services.openssh = {
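Review bot: The `../../modules` import in the `@@ -15,8 +18,7 @@` hunk of hosts/raptus/configuration.nix replaces two narrowly scoped imports with the whole shared module directory, and what that directory's entry point pulls in is not visible in this diff. This host terminates public TLS for `rusty.ccnlc.eu` and `git.ccnlc.eu`, so anything enabled there unconditionally would become part of its exposed configuration. I would confirm that every module under `../../modules` is opt-in through an enable option, and record that next to the import with `# shared modules: each one must stay disabled unless explicitly enabled on this host`.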
@@ -87,7 +73,10 @@
 pkgs.gitMinimal
 ];
- users.users.root.openssh.authorizedKeys.keys = [ pubkeys.ny ];
+ users.users = {
+ root.openssh.authorizedKeys.keys = [ pubkeys.ny ];
+ ny.openssh.authorizedKeys.keys = [ pubkeys.ny ];
+ };
 system.stateVersion = "24.11";
 }
diff --git a/parts/lib/functions.nix b/parts/lib/functions.nix
index 2d8984a..758cd51 100644
--- a/parts/lib/functions.nix
+++ b/parts/lib/functions.nix
@@ -4,6 +4,9 @@
 self,
 ...
 }:
+let
+ inherit (lib) mkIf;
+in
 {
 # Verify the existence of a binary inside of a derivation.
@@ -43,4 +46,18 @@
 validatePath = s: if (builtins.pathExists s) then (builtins.baseNameOf s) else throw "${s} does not exist";
+
+ mkVHost = name: port: ssl: {
+ inherit name;
+ value = {
+ enableACME = ssl;
+ forceSSL = ssl;
+ locations."/" = {
+ proxyPass = "http://127.0.0.1:${toString port}";
+ extraConfig = ''
+ proxy_ssl_server_name on;
+ proxy_pass_header Authorization;'';
+ };
+ };
+ };
 }
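Review bot: `root.openssh.authorizedKeys.keys` still lists `pubkeys.ny` in the new `users.users` set of the `@@ -87,7 +73,10 @@` hunk, although the raptus entry in home/terminal/ssh/default.nix now logs in as `ny`. If the root key is kept only as a fallback, say so with a comment such as `# fallback until ny + privilege escalation is verified; remove afterwards`. Otherwise drop the `root` line, so that the one key no longer grants a direct root session. Whether sshd accepts root logins at all is decided in `services.openssh`, which lies outside this hunk, so `PermitRootLogin` should be checked there. The commit subject mentions only the mkVHost move, so these access changes deserve a line in the description.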
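Review bot: `inherit (lib) mkIf;` in the new `let` block of parts/lib/functions.nix (`@@ -4,6 +4,9 @@`) is not used by anything this commit adds, since `mkVHost` assigns `enableACME = ssl;` and `forceSSL = ssl;` directly. Unless code outside the visible hunks needs it, I would drop the binding so the `let` does not suggest a conditional that does not exist.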
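Review bot: `mkVHost` in the `@@ -43,4 +46,18 @@` hunk is added without a comment, and the new `ssl` argument needs one because `false` switches off both `enableACME` and `forceSSL`, leaving the proxied service on plain HTTP with no redirect. I would put `# Build a services.nginx.virtualHosts entry proxying "/" to 127.0.0.1:<port>; ssl = false serves the host over plain HTTP, so pass true for anything carrying credentials.` above the definition. The bare positional `true` at the call sites in hosts/raptus/configuration.nix is also hard to read without that comment. Separately, `proxy_ssl_server_name on;` only affects TLS connections to the upstream, so with `proxyPass = "http://127.0.0.1:${toString port}"` it appears to have no effect and could be removed or explained.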