From d7fc02342227fbd442f47e27fa12a42ff7998cd5 Mon Sep 17 00:00:00 2001
From: Linnnus <linnnus@users.noreply.github.com>
Date: Sat, 30 Sep 2023 14:53:27 +0200
Subject: fix everything forever i hope

---
 hosts/ahmed/cloudflare-ddns.nix |  7 +------
 hosts/ahmed/configuration.nix   | 21 ++++++++++++++++++---
 2 files changed, 19 insertions(+), 9 deletions(-)

(limited to 'hosts')

diff --git a/hosts/ahmed/cloudflare-ddns.nix b/hosts/ahmed/cloudflare-ddns.nix
index a46f76a..a118fa6 100644
--- a/hosts/ahmed/cloudflare-ddns.nix
+++ b/hosts/ahmed/cloudflare-ddns.nix
@@ -6,15 +6,10 @@ let
 
 in
 {
-  age.secrets.cloudflare-dyndns-api-token = {
-    file = ../../secrets/cloudflare-ddns-token.env.age;
-    # TODO: configure permissions
-  };
-
+  age.secrets.cloudflare-dyndns-api-token.file = ../../secrets/cloudflare-ddns-token.env.age;
   services.cloudflare-dyndns = {
     enable = true;
     apiTokenFile = config.age.secrets.cloudflare-dyndns-api-token.path;
     proxied = true;
-    domains = [ "linus.onl" ];
   };
 }
diff --git a/hosts/ahmed/configuration.nix b/hosts/ahmed/configuration.nix
index a1937b0..fc1cc9c 100644
--- a/hosts/ahmed/configuration.nix
+++ b/hosts/ahmed/configuration.nix
@@ -9,7 +9,6 @@
       ./hardware-configuration.nix
       ./ssh.nix
       ./disable-screen.nix
-      ./cloudflare-ddns.nix
     ];
 
   # Create the main user.
@@ -45,13 +44,18 @@
     openFirewall = true;
   };
 
+  # Set up dukse server. Det er satme hårdt at være overduksepåmindelsesansvarlig.
   my.services.duksebot.enable = true;
 
-  # Host <https://linus.onl>.
+  # Virtual hosts.
+  services.nginx.enable = true;
   my.modules."linus.onl" = {
     enable = true;
     useACME = true;
-    openFirewall = true;
+  };
+  my.modules."notifications.linus.onl" = {
+    enable = true;
+    useACME = true;
   };
 
   # Configure ACME for various HTTPS services.
@@ -60,6 +64,17 @@
     defaults.email = "linusvejlo+${config.networking.hostName}-acme@gmail.com";
   };
 
+  # Configure DDNS. The website for each module is responsible for extending `services.cloudflare-dyndns.domains` with its domain.
+  age.secrets.cloudflare-dyndns-api-token.file = ../../secrets/cloudflare-ddns-token.env.age;
+  services.cloudflare-dyndns = {
+    enable = true;
+    apiTokenFile = config.age.secrets.cloudflare-dyndns-api-token.path;
+    proxied = true;
+  };
+
+  # Listen for HTTP connections.
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+
   # We are running behind CF proxy.
   my.modules.cloudflare-proxy.enable = true;
 
-- 
cgit v1.2.3