From fc2b2c0b780f0811c7dff907e640919ab8a5cd7b Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Sun, 23 May 2021 17:20:57 +0200
Subject: [PATCH] commit muflax-church

---
 services/muflax-church.nix | 52 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 services/muflax-church.nix

diff --git a/services/muflax-church.nix b/services/muflax-church.nix
new file mode 100644
index 0000000..8da4ac3
--- /dev/null
+++ b/services/muflax-church.nix
@@ -0,0 +1,52 @@
+{ config, lib, pkgs, ... }:
+
+let
+  muflax-source = builtins.fetchGit {
+    rev = "e5ce7ae4296c6605a7e886c153d569fc38318096";
+    ref = "HEAD";
+    url = "https://github.com/fmap/muflax65ngodyewp.onion.git";
+};
+nixpkgs = import (builtins.fetchTarball {
+  url = "https://github.com/NixOS/nixpkgs-channels/archive/78e9665b48ff45d3e29f45b3ebeb6fc6c6e19922.tar.gz";
+  sha256 = "09f50jaijvry9lrnx891qmcf92yb8qs64n1cvy0db2yjrmxsxyw8";
+}) { system = builtins.currentSystem; };
+  muflax-church = (nixpkgs.callPackage "${muflax-source}/maintenance" {}).overrideDerivation (default: {
+    buildPhase = default.buildPhase + "\n" + ''
+      grep -lr '[^@]muflax.com' out | xargs -r sed -i 's/\([^@]\)muflax.com/\1muflax.church/g;s/http:\/\/\([^@]*\)muflax.church/https:\/\/\1muflax.church/g'
+    '';
+  });
+  cfg = config.services.yorick.muflax-church;
+  inherit (cfg) vhost;
+  addrs = {
+    "daily.${vhost}" = "${muflax-church}/daily";
+    "blog.${vhost}" = "${muflax-church}/blog";
+    "gospel.${vhost}" = "${muflax-church}/gospel";
+    "alt.${vhost}" = "/home/public/public/muflax";
+  };
+  m = x: root: { forceSSL = true; useACMEHost = vhost; inherit root; };
+in
+{
+  options.services.yorick.muflax-church = with lib; {
+    enable = mkEnableOption "muflax.church";
+    vhost = mkOption { type = types.str; };
+  };
+  config = lib.mkIf cfg.enable {
+    services.nginx.virtualHosts = {
+      ${cfg.vhost} = {
+        forceSSL = true;
+        enableACME = true;
+        root = "${muflax-church}/muflax";
+      };
+      "daily.${vhost}" = m "${muflax-church}/daily";
+      "blog.${vhost}" = m "${muflax-church}/blog";
+      "gospel.${vhost}" = m "${muflax-church}/gospel";
+      "alt.${vhost}" = m "/home/public/public/muflax";
+    } // (lib.mapAttrs m addrs);
+    security.acme.certs.${vhost}.extraDomainNames = [
+      "daily.${vhost}"
+      "blog.${vhost}"
+      "gospel.${vhost}"
+      "alt.${vhost}"
+    ];
+  };
+}