feat(ops/glesys): add bolt.tvix.dev
Make tvixbolt.tvl.su just serve a redirect to the new domain, and fold everything into the tvix.dev.nix module. Change-Id: I3a9ccf37d2ceee8886208d6f662e7598ce395b1a Reviewed-on: https://cl.tvl.fyi/c/depot/+/11015 Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
This commit is contained in:
parent
5c3065b43a
commit
f3faeae52a
5 changed files with 27 additions and 26 deletions
|
@ -18,6 +18,13 @@ resource "glesys_dnsdomain_record" "tvix_dev_apex_AAAA" {
|
||||||
data = var.whitby_ipv6
|
data = var.whitby_ipv6
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "glesys_dnsdomain_record" "tvix_dev_bolt_CNAME" {
|
||||||
|
domain = glesys_dnsdomain.tvix_dev.id
|
||||||
|
host = "bolt"
|
||||||
|
type = "CNAME"
|
||||||
|
data = "whitby.tvl.su."
|
||||||
|
}
|
||||||
|
|
||||||
resource "glesys_dnsdomain_record" "tvix_dev_docs_CNAME" {
|
resource "glesys_dnsdomain_record" "tvix_dev_docs_CNAME" {
|
||||||
domain = glesys_dnsdomain.tvix_dev.id
|
domain = glesys_dnsdomain.tvix_dev.id
|
||||||
host = "docs"
|
host = "docs"
|
||||||
|
|
|
@ -76,15 +76,12 @@ resource "glesys_dnsdomain_record" "tvl_su_whitby_services" {
|
||||||
for_each = toset(local.whitby_services)
|
for_each = toset(local.whitby_services)
|
||||||
}
|
}
|
||||||
|
|
||||||
# Explicit records for corp-only services running on whitby.
|
# historical tvixbolt.tvl.su record, redirects to bolt.tvix.dev
|
||||||
resource "glesys_dnsdomain_record" "tvl_su_corp_whitby_services" {
|
resource "glesys_dnsdomain_record" "tvix_su_tvixbolt_CNAME" {
|
||||||
domain = glesys_dnsdomain.tvl_su.id
|
domain = glesys_dnsdomain.tvl_su.id
|
||||||
|
host = "tvixbolt"
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
data = "whitby.tvl.su."
|
data = "whitby.tvl.su."
|
||||||
host = each.key
|
|
||||||
for_each = toset([
|
|
||||||
"tvixbolt",
|
|
||||||
])
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "glesys_dnsdomain_record" "tvl_su_inbox_CNAME" {
|
resource "glesys_dnsdomain_record" "tvl_su_inbox_CNAME" {
|
||||||
|
|
|
@ -42,7 +42,6 @@ in
|
||||||
(mod "www/status.tvl.su.nix")
|
(mod "www/status.tvl.su.nix")
|
||||||
(mod "www/todo.tvl.fyi.nix")
|
(mod "www/todo.tvl.fyi.nix")
|
||||||
(mod "www/tvix.dev.nix")
|
(mod "www/tvix.dev.nix")
|
||||||
(mod "www/tvixbolt.tvl.su.nix")
|
|
||||||
(mod "www/tvl.fyi.nix")
|
(mod "www/tvl.fyi.nix")
|
||||||
(mod "www/tvl.su.nix")
|
(mod "www/tvl.su.nix")
|
||||||
(mod "www/wigglydonke.rs.nix")
|
(mod "www/wigglydonke.rs.nix")
|
||||||
|
|
|
@ -17,6 +17,23 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."bolt.tvix.dev" = {
|
||||||
|
root = depot.web.tvixbolt;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
|
||||||
|
extraConfig = ''
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# old domain, serve redirect
|
||||||
|
services.nginx.virtualHosts."tvixbolt.tvl.su" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
extraConfig = "return 301 https://bolt.tvix.dev$request_uri;";
|
||||||
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts."docs.tvix.dev" = {
|
services.nginx.virtualHosts."docs.tvix.dev" = {
|
||||||
serverName = "docs.tvix.dev";
|
serverName = "docs.tvix.dev";
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
{ depot, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./base.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
services.nginx.virtualHosts."tvixbolt.tvl.su" = {
|
|
||||||
root = depot.web.tvixbolt;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in a new issue