diff --git a/machines/compute01/dgsi/default.nix b/machines/compute01/dgsi/default.nix index eb3fedd..1e972c3 100644 --- a/machines/compute01/dgsi/default.nix +++ b/machines/compute01/dgsi/default.nix @@ -187,7 +187,7 @@ in ]; }; - dgn-redirections.redirections."dgsi.dgnum.eu" = "profil.dgnum.eu"; + dgn-redirections.permanent."dgsi.dgnum.eu" = "profil.dgnum.eu"; services = { postgresql = { diff --git a/machines/storage01/redirections.nix b/machines/storage01/redirections.nix index f8c1558..068617e 100644 --- a/machines/storage01/redirections.nix +++ b/machines/storage01/redirections.nix @@ -1,6 +1,6 @@ { dgn-redirections = { - redirections = { + permanent = { "www.lanuit.ens.fr" = "lanuit.ens.fr"; "lanuit.ens.psl.eu" = "lanuit.ens.fr"; "www.lanuit.ens.psl.eu" = "lanuit.ens.fr"; diff --git a/machines/web01/redirections.nix b/machines/web01/redirections.nix index e36881f..39a1379 100644 --- a/machines/web01/redirections.nix +++ b/machines/web01/redirections.nix @@ -14,7 +14,7 @@ in dgn-redirections = { inherit retiredHost; - redirections = { + permanent = { "calendrier.eleves.ens.fr" = "calendrier.dgnum.eu"; "docs.beta.rz.ens.wtf" = "pads.dgnum.eu"; "git.rz.ens.wtf" = "git.dgnum.eu"; diff --git a/machines/web02/cas-eleves/default.nix b/machines/web02/cas-eleves/default.nix index 00afde5..378ec3c 100644 --- a/machines/web02/cas-eleves/default.nix +++ b/machines/web02/cas-eleves/default.nix @@ -126,7 +126,7 @@ in }; }; - dgn-redirections.redirections."cas-eleves.dgnum.eu" = "cas.eleves.ens.fr"; + dgn-redirections.permanent."cas-eleves.dgnum.eu" = "cas.eleves.ens.fr"; services = { postgresql = { diff --git a/modules/dgn-redirections/default.nix b/modules/dgn-redirections/default.nix index 0a4e93b..c8a59a1 100644 --- a/modules/dgn-redirections/default.nix +++ b/modules/dgn-redirections/default.nix @@ -3,7 +3,13 @@ let inherit (lib) mkOption; - inherit (lib.types) attrsOf listOf str; + inherit (lib.types) + attrsOf + ints + listOf + str + submodule + ; mkRetired = hosts: @@ -18,19 +24,33 @@ let }) hosts ); - mkRedirection = _: globalRedirect: { + mkPermanent = _: globalRedirect: { inherit globalRedirect; enableACME = true; forceSSL = true; }; + mkTemporary = + _: + { + to, + code, + location, + }: + { + enableACME = true; + forceSSL = true; + + locations.${location}.return = "${toString code} ${to}"; + }; + cfg = config.dgn-redirections; in { options.dgn-redirections = { - redirections = mkOption { + permanent = mkOption { type = attrsOf str; default = { }; description = '' @@ -40,6 +60,57 @@ in ''; }; + temporary = mkOption { + type = attrsOf (submodule { + options = { + to = mkOption { + type = str; + description = "Target of the redirection"; + }; + code = mkOption { + type = ints.between 300 399; + default = 302; + example = 308; + description = '' + HTTP status used by the redirection. Possible usecases + include temporary (302, 307) redirects, keeping the request method and + body (307, 308), or explicitly resetting the method to GET (303). + See . + ''; + }; + location = mkOption { + type = str; + default = "/"; + description = "nginx-style location for the source of the redirection"; + }; + }; + }); + default = { }; + example = { + "source.dgnum.eu" = { + to = "https://target.dgnum.eu/path_to_page"; + code = 307; + location = "/subpath/"; + }; + }; + description = '' + Attribute set of temporary redirections. The attribute is the source + domain. + + For: + ``` + { + "source.dgnum.eu" = { + to = "https://target.dgnum.eu/path_to_page"; + code = 307; + }; + } + ``` + a 307 redirect from all the urls within the domain `source.dgnum.eu` to + `https://target.dgnum.eu/path_to_page` will be made. + ''; + }; + retired = mkOption { type = listOf str; default = [ ]; @@ -59,6 +130,7 @@ in config = { services.nginx.virtualHosts = - (builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired); + (builtins.mapAttrs mkPermanent cfg.permanent // builtins.mapAttrs mkTemporary cfg.temporary) + // (mkRetired cfg.retired); }; }