From d5985e02f319a893030a62aeaf4befb77c4b65c0 Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Sun, 5 Nov 2023 01:41:45 +0100
Subject: [PATCH] Prepare to replace knakelibrak

Co-authored-by: Felix Albrigtsen <felix@albrigtsen.it>
---
 hosts/bekkalokk/configuration.nix             |  2 +-
 .../services/{nginx.nix => nginx/default.nix} |  4 ++
 hosts/bekkalokk/services/nginx/ingress.nix    | 48 +++++++++++++++++++
 3 files changed, 53 insertions(+), 1 deletion(-)
 rename hosts/bekkalokk/services/{nginx.nix => nginx/default.nix} (90%)
 create mode 100644 hosts/bekkalokk/services/nginx/ingress.nix

diff --git a/hosts/bekkalokk/configuration.nix b/hosts/bekkalokk/configuration.nix
index 358c43e..618ed75 100644
--- a/hosts/bekkalokk/configuration.nix
+++ b/hosts/bekkalokk/configuration.nix
@@ -10,7 +10,7 @@
 
     # TODO: set up authentication for the following:
     # ./services/website.nix
-    ./services/nginx.nix
+    ./services/nginx
     ./services/gitea/default.nix
     ./services/webmail
     # ./services/mediawiki.nix
diff --git a/hosts/bekkalokk/services/nginx.nix b/hosts/bekkalokk/services/nginx/default.nix
similarity index 90%
rename from hosts/bekkalokk/services/nginx.nix
rename to hosts/bekkalokk/services/nginx/default.nix
index 183f49e..a1a2253 100644
--- a/hosts/bekkalokk/services/nginx.nix
+++ b/hosts/bekkalokk/services/nginx/default.nix
@@ -1,5 +1,9 @@
 { pkgs, config, ... }:
 {
+  imports = [
+    ./ingress.nix
+  ];
+
   security.acme = {
     acceptTerms = true;
     defaults.email = "drift@pvv.ntnu.no";
diff --git a/hosts/bekkalokk/services/nginx/ingress.nix b/hosts/bekkalokk/services/nginx/ingress.nix
new file mode 100644
index 0000000..7aeb0f3
--- /dev/null
+++ b/hosts/bekkalokk/services/nginx/ingress.nix
@@ -0,0 +1,48 @@
+{ config, lib, ... }:
+{
+  services.nginx.virtualHosts = {
+    "www2.pvv.ntnu.no" = {
+      addSSL = true;
+      enableACME = true;
+
+      # TODO after updating the corresponding DNS record:
+      # serverAliases = [ "www2.pvv.org" "pvv.ntnu.no" "pvv.org" ]
+      serverAliases = [ "www2.pvv.org" ];
+
+      locations = {
+        # Redirect the main website
+        "= /".return = "301 https://www.pvv.ntnu.no/";
+
+        # Proxy home directories
+        "/~" = {
+          extraConfig = ''
+            proxy_redirect off;
+            proxy_pass https://tom.pvv.ntnu.no;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+          '';
+        };
+
+        # Redirect old wiki entries
+        "/disk".return = "301 https://www.pvv.ntnu.no/pvv/Diskkjøp";
+        "/dok/boker.php".return = "301 https://www.pvv.ntnu.no/pvv/Bokhyllen";
+        "/styret/lover/".return = "301 https://www.pvv.ntnu.no/pvv/Lover";
+        "/styret/".return = "301 https://www.pvv.ntnu.no/pvv/Styret";
+        "/info/".return = "301 https://www.pvv.ntnu.no/pvv/";
+        "/info/maskinpark/".return = "301 https://www.pvv.ntnu.no/pvv/Maskiner";
+        "/medlemssider/meldinn.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemskontingent";
+        "/diverse/medlems-sider.php".return = "301 https://www.pvv.ntnu.no/pvv/Medlemssider";
+        "/cert/".return = "301 https://www.pvv.ntnu.no/pvv/CERT";
+        "/drift".return = "301 https://www.pvv.ntnu.no/pvv/Drift";
+        "/diverse/abuse.php".return = "301 https://www.pvv.ntnu.no/pvv/CERT/Abuse";
+        "/nerds/".return = "301 https://www.pvv.ntnu.no/pvv/Nerdepizza";
+
+        # TODO: Redirect web main
+        "/webmail".return = "301 https://webmail.pvv.ntnu.no/squirrelmail";
+      };
+    };
+  };
+}
+