From 4d50efc6db1270b099949fb6188a89fd6d33d56b Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Wed, 10 Apr 2024 23:31:04 +0200 Subject: [PATCH] Finalize www/idp/webmail migration from spikkjeposche to bekkalokk --- hosts/bekkalokk/services/idp-simplesamlphp/default.nix | 6 +++--- .../bekkalokk/services/idp-simplesamlphp/metadata.php.nix | 8 ++++---- .../services/mediawiki/simplesaml-authsources.php | 2 +- hosts/bekkalokk/services/webmail/default.nix | 4 ++-- hosts/bekkalokk/services/webmail/roundcube.nix | 2 +- hosts/bekkalokk/services/website/default.nix | 4 ++-- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/hosts/bekkalokk/services/idp-simplesamlphp/default.nix b/hosts/bekkalokk/services/idp-simplesamlphp/default.nix index 28e70639..e943f2d4 100644 --- a/hosts/bekkalokk/services/idp-simplesamlphp/default.nix +++ b/hosts/bekkalokk/services/idp-simplesamlphp/default.nix @@ -22,7 +22,7 @@ let # openssl req -newkey rsa:4096 -new -x509 -days 365 -nodes -out idp.crt -keyout idp.pem "metadata/saml20-idp-hosted.php" = pkgs.writeText "saml20-idp-remote.php" '' '__DEFAULT__', 'privatekey' => '${config.sops.secrets."idp/privatekey".path}', 'certificate' => '${./idp.crt}', @@ -89,7 +89,7 @@ let --replace '$SAML_ADMIN_NAME' '"Drift"' \ --replace '$SAML_ADMIN_EMAIL' '"drift@pvv.ntnu.no"' \ --replace '$SAML_ADMIN_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/admin_password".path}")' \ - --replace '$SAML_TRUSTED_DOMAINS' 'array( "idp2.pvv.ntnu.no" )' \ + --replace '$SAML_TRUSTED_DOMAINS' 'array( "idp.pvv.ntnu.no" )' \ --replace '$SAML_DATABASE_DSN' '"pgsql:host=postgres.pvv.ntnu.no;port=5432;dbname=idp"' \ --replace '$SAML_DATABASE_USERNAME' '"idp"' \ --replace '$SAML_DATABASE_PASSWORD' 'file_get_contents("${config.sops.secrets."idp/postgres_password".path}")' \ @@ -177,7 +177,7 @@ in }; }; - services.nginx.virtualHosts."idp2.pvv.ntnu.no" = { + services.nginx.virtualHosts."idp.pvv.ntnu.no" = { forceSSL = true; enableACME = true; kTLS = true; diff --git a/hosts/bekkalokk/services/idp-simplesamlphp/metadata.php.nix b/hosts/bekkalokk/services/idp-simplesamlphp/metadata.php.nix index ff4ed34d..0ba2763c 100644 --- a/hosts/bekkalokk/services/idp-simplesamlphp/metadata.php.nix +++ b/hosts/bekkalokk/services/idp-simplesamlphp/metadata.php.nix @@ -1,18 +1,18 @@ '' 'saml20-idp-hosted', - 'entityid' => 'https://idp2.pvv.ntnu.no/', + 'entityid' => 'https://idp.pvv.ntnu.no/', 'SingleSignOnService' => [ [ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - 'Location' => 'https://idp2.pvv.ntnu.no/module.php/saml/idp/singleSignOnService', + 'Location' => 'https://idp.pvv.ntnu.no/module.php/saml/idp/singleSignOnService', ], ], 'SingleLogoutService' => [ [ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', - 'Location' => 'https://idp2.pvv.ntnu.no/module.php/saml/idp/singleLogout', + 'Location' => 'https://idp.pvv.ntnu.no/module.php/saml/idp/singleLogout', ], ], 'NameIDFormat' => [ 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' ], diff --git a/hosts/bekkalokk/services/mediawiki/simplesaml-authsources.php b/hosts/bekkalokk/services/mediawiki/simplesaml-authsources.php index 32824848..5ccdb213 100644 --- a/hosts/bekkalokk/services/mediawiki/simplesaml-authsources.php +++ b/hosts/bekkalokk/services/mediawiki/simplesaml-authsources.php @@ -6,6 +6,6 @@ $config = array( 'default-sp' => array( 'saml:SP', 'entityID' => 'https://wiki.pvv.ntnu.no/simplesaml/', - 'idp' => 'https://idp2.pvv.ntnu.no/', + 'idp' => 'https://idp.pvv.ntnu.no/', ), ); diff --git a/hosts/bekkalokk/services/webmail/default.nix b/hosts/bekkalokk/services/webmail/default.nix index 752d00a5..a1d61869 100644 --- a/hosts/bekkalokk/services/webmail/default.nix +++ b/hosts/bekkalokk/services/webmail/default.nix @@ -4,12 +4,12 @@ ./roundcube.nix ]; - services.nginx.virtualHosts."webmail2.pvv.ntnu.no" = { + services.nginx.virtualHosts."webmail.pvv.ntnu.no" = { forceSSL = true; enableACME = true; kTLS = true; locations."= /" = { - return = "301 https://www.pvv.ntnu.no/mail/"; + return = "302 https://webmail.pvv.ntnu.no/roundcube"; }; }; } diff --git a/hosts/bekkalokk/services/webmail/roundcube.nix b/hosts/bekkalokk/services/webmail/roundcube.nix index ef157acf..a320a341 100644 --- a/hosts/bekkalokk/services/webmail/roundcube.nix +++ b/hosts/bekkalokk/services/webmail/roundcube.nix @@ -3,7 +3,7 @@ with lib; let cfg = config.services.roundcube; - domain = "webmail2.pvv.ntnu.no"; + domain = "webmail.pvv.ntnu.no"; in { services.roundcube = { diff --git a/hosts/bekkalokk/services/website/default.nix b/hosts/bekkalokk/services/website/default.nix index 60760000..2886a44b 100644 --- a/hosts/bekkalokk/services/website/default.nix +++ b/hosts/bekkalokk/services/website/default.nix @@ -35,14 +35,14 @@ in { 'default-sp' => array( 'saml:SP', 'entityID' => 'https://${cfg.domainName}/simplesaml/', - 'idp' => 'https://idp2.pvv.ntnu.no/', + 'idp' => 'https://idp.pvv.ntnu.no/', ), ); ''; }; }; - domainName = "www2.pvv.ntnu.no"; + domainName = "www.pvv.ntnu.no"; settings = let includeFromSops = path: format.lib.mkRaw "file_get_contents('${config.sops.secrets."nettsiden/${path}".path}')";