Add nossl page

[perso/Immae/Config/Nix.git] / nixops / modules / websites / default.nix

diff --git a/nixops/modules/websites/default.nix b/nixops/modules/websites/default.nix
index 8c4380c84f0b4412077e7895a849ea2cb4e8b23e..8563995d72f47f556dfe10ecd1f3dcaac71af9be 100644 (file)
--- a/nixops/modules/websites/default.nix
+++ b/nixops/modules/websites/default.nix
@@ -16,6 +16,23 @@ let
       documentRoot = vhostConf.root;
       extraConfig = builtins.concatStringsSep "\n" vhostConf.extraConfig;
     };
+    nosslVhost = {
+      listen = [ { ip = cfg.ip; port = 80; } ];
+      hostName = "nossl.immae.eu";
+      enableSSL = false;
+      logFormat = "combinedVhost";
+      documentRoot = ../../www;
+      extraConfig = ''
+        <Directory ${../../www}>
+          DirectoryIndex nossl.html
+          AllowOverride None
+          Require all granted
+
+          RewriteEngine on
+          RewriteRule ^/(.+)   /   [L]
+        </Directory>
+        '';
+    };
     redirectVhost = { # Should go last, catchall http -> https redirect
       listen = [ { ip = cfg.ip; port = 80; } ];
       hostName = "redirectSSL";
@@ -51,6 +68,7 @@ let
     extraModules = pkgs.lib.lists.unique (pkgs.lib.lists.flatten cfg.modules);
     extraConfig = builtins.concatStringsSep "\n" cfg.extraConfig;
     virtualHosts = [ fallbackVhost ]
+      ++ lib.optionals (name == "tools") [ nosslVhost ]
       ++ (pkgs.lib.attrsets.mapAttrsToList (n: v: toVhost v) cfg.vhostConfs)
       ++ [ redirectVhost ];
   };