redirects and proxy passes working (except for ssl which needs to migrate to dns)

2025-07-01 15:52:42 +02:00 · 2025-07-01 15:52:42 +02:00 · 42b0d35691
commit 42b0d35691
parent a7c1e37375
4 changed files with 295 additions and 12 deletions
--- a/nixos/machines/cthulhu/configuration.nix
+++ b/nixos/machines/cthulhu/configuration.nix
@ -3,23 +3,24 @@
    ./hardware-configuration.nix
    ../../roles
    ../../roles/vm.nix
-    ../../modules/vmNetwork.nix
+    ../../modules/reverseProxy.nix
  ];

  # System configuration here

  networking.hostName = "cthulhu";
-  vmNetwork.ipv4 = "192.168.0.16";
  system.stateVersion = "25.05";
-
-  sops.secrets = {
-    backupKey = {
-      sopsFile = ./backupKey.secrets.yaml;
-      owner = "root";
-      group = "root";
-      mode = "0400";
-    };
+  services.reverseProxy = {
+    enable = true;
+    redirects = import ./redirects.nix;
+    proxies = import ./proxies.nix;
  };
-  # TODO for the network rework, make a central record of hostnames to ip adresses where every
-  # machine can read out their ip address and also this machine
+  #  sops.secrets = {
+  #    backupKey = {
+  #      sopsFile = ./backupKey.secrets.yaml;
+  #      owner = "root";
+  #      group = "root";
+  #      mode = "0400";
+  #    };
+  #  };
 }
--- a/nixos/machines/cthulhu/proxies.nix
+++ b/nixos/machines/cthulhu/proxies.nix
@ -0,0 +1,13 @@
+{
+  "lists.mathebau.de"."/" = {
+    targetMachine = "lobon";
+  };
+  # matheball.de (192.168.0.21)
+  # mathechor.de (192.168.0.19:80)
+  # cloud.mathechor.de (192.168.0.20:80)
+  # gitea.mathebau.de (192.168.0.23:3000)
+  # codi.mathebau.de (192.168.0.18)
+  # fswiki.mathebau.de owowiki.mathebau.de surveys.mathebau.de (192.168.0.15)
+  # events.mathebau.de (192.168.0.13:8080)
+  # sprechstunden.mathebau.de (192.168.0.14:8080)
+}
--- a/nixos/machines/cthulhu/redirects.nix
+++ b/nixos/machines/cthulhu/redirects.nix
@ -0,0 +1,67 @@
+{
+  "mathebau.de" = {
+    "/adventskalender" = "https://www.mathematik.tu-darmstadt.de/fachschaft/fachschaftarbeit/adventskalender/adventskalender.de.jsp";
+    "/discord" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/it_tutorial/nach_der_owo/discord/discord_1.de.jsp";
+    "/lama" = "https://www.mathematik.tu-darmstadt.de/studium/studieninteressierte/entscheidungshilfen/lange_nacht_der_mathematik/index.de.jsp";
+    "/angebote" = "https://www.mathematik.tu-darmstadt.de/fachschaft/fachschaftarbeit/angebote/index.de.jsp";
+    "/elzm" = "https://moodle.tu-darmstadt.de/course/view.php?id=6427";
+    "/feedback" = "https://surveys.mathebau.de/index.php/233595";
+    "/frewe" = "https://events.mathebau.de/anmelden/cm0utz4vf3130arv92znr46sy";
+    "/gewowe" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/gewowe/index.de.jsp";
+    # Wenn es jemand findet, darf er es löschen ;-) (found it, it's still here)
+    "/gonne" = "https://www.youtube.com/watch?v=dQw4w9WgXcQ";
+    "/heute" = "https://sharelatex.tu-darmstadt.de/6643831242fprjkkyqynkd";
+    "/mentoring" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/orientierungswoche/mentoringwahl/mentoringwahl.de.jsp";
+    "/mumble" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/it_tutorial/nach_der_owo/mumble/index.de.jsp";
+    "/nebenfach" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/orientierungswoche/nebenfachwahl/nebenfachwahl.de.jsp";
+    "/owo" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/orientierungswoche/index.de.jsp";
+    "/owoinfo" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/orientierungswoche/owo_info/index.de.jsp";
+    "/owo-team" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/orientierungswoche/owo_team/owo_team.de.jsp";
+    "/it" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/it_tutorial/it_tutorial_1/it_tutorial.de.jsp";
+    "/tucan" = "https://www.mathematik.tu-darmstadt.de/fachschaft/orientierung/it_tutorial/waehrend_der_owo/tucan/tucan_1.de.jsp";
+    "/mma" = "https://surveys.mathebau.de/index.php/286922";
+    "/verein-flyer" = "https://www.mathematik.tu-darmstadt.de/media/fsmathe/verein/FS_Verein_Flyer.pdf";
+    "/verein" = "https://www.mathematik.tu-darmstadt.de/fachschaft/fachschaftarbeit/foerderverein/index.de.jsp";
+    "/" = "https://www.mathematik.tu-darmstadt.de/fachschaft/fachschaftarbeit/index.de.jsp";
+  };
+  "www.mathebau.de"."/" = {
+    target = "$scheme://mathebau.de$request_uri";
+    code = "301";
+  };
+  "matheball.mathebau.de"."/" = {
+    target = "https://matheball.de$request_uri";
+    code = "301";
+  };
+  "www.matheball.de"."/" = {
+    target = "https://matheball.de$request_uri";
+    code = "301";
+  };
+  # these two were "$scheme://mathechor,de..." before
+  "intern.mathechor.de"."/" = "https://mathechor.de/intern$request_uri";
+  "www.mathechor.de"."/" = "https://mathechor.de$request_uri";
+  # there used to be stats.mathebau.de. while it seems to have something todo with
+  # prometheus, it also seems to be dead
+  "theaterskript.mathebau.de"."/" = "https://sharelatex.tu-darmstadt.de/2714416651sgmwmttcxjzn#76633a";
+}
+# # Hosting
+# download.mathebau.de Hosting
+# theateraufnahmen.mathebau.de
+#
+# # Proxy passes
+#
+# lists.mathebau.de 192.168.0.22 (lobon?)
+# matheball.de (192.168.0.21)
+# mathechor.de (192.168.0.19:80)
+# cloud.mathechor.de (192.168.0.20:80)
+# gitea.mathebau.de (192.168.0.23:3000)
+# codi.mathebau.de (192.168.0.18)
+# fswiki.mathebau.de owowiki.mathebau.de surveys.mathebau.de (192.168.0.15)
+# events.mathebau.de (192.168.0.13:8080)
+# sprechstunden.mathebau.de (192.168.0.14:8080)
+#
+# challenges will be dns, so we don't need the last two from the proxies file
+# (and the way we do it now, doesn't work with nix as acmebot needs to rewrite nginx
+# config that is read only in nix)
+#
+#
+