From 0c961c1d4d20b516a5fcb838a00533968ae00b5b Mon Sep 17 00:00:00 2001
From: Price Hiller <price@price-hiller.com>
Date: Thu, 16 Jan 2025 01:23:31 -0600
Subject: [PATCH] feat(hosts/luna): advertise pgp key via WKD

---
 hosts/luna/modules/services/nginx.nix         |  31 ------------
 hosts/luna/modules/services/nginx/default.nix |  45 ++++++++++++++++++
 .../gpg-wkd/rnmhgp3dsaq8hjgu49j8oongugr5cg4j  | Bin 0 -> 1078 bytes
 3 files changed, 45 insertions(+), 31 deletions(-)
 delete mode 100644 hosts/luna/modules/services/nginx.nix
 create mode 100644 hosts/luna/modules/services/nginx/default.nix
 create mode 100644 hosts/luna/modules/services/nginx/gpg-wkd/rnmhgp3dsaq8hjgu49j8oongugr5cg4j

diff --git a/hosts/luna/modules/services/nginx.nix b/hosts/luna/modules/services/nginx.nix
deleted file mode 100644
index 9e43bd6a..00000000
--- a/hosts/luna/modules/services/nginx.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ inputs, pkgs, ... }:
-{
-  services.nginx = {
-    enable = true;
-    recommendedProxySettings = true;
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
-    recommendedTlsSettings = true;
-  };
-
-  security.acme = {
-    acceptTerms = true;
-    defaults.email = "price@price-hiller.com";
-  };
-
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
-  services.nginx.virtualHosts = {
-    "price-hiller.com" = {
-      forceSSL = true;
-      enableACME = true;
-      root = inputs.blog.packages.${pkgs.system}.default;
-      locations."/".extraConfig = ''
-        if ($request_uri ~ ^/(.*)\.html(\?|$)) {
-            return 302 /$1;
-        }
-        try_files $uri $uri.html $uri/ =404;
-      '';
-      locations."/".index = "home.html";
-    };
-  };
-}
\ No newline at end of file
diff --git a/hosts/luna/modules/services/nginx/default.nix b/hosts/luna/modules/services/nginx/default.nix
new file mode 100644
index 00000000..19a21abe
--- /dev/null
+++ b/hosts/luna/modules/services/nginx/default.nix
@@ -0,0 +1,45 @@
+{ inputs, pkgs, ... }:
+{
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedTlsSettings = true;
+  };
+
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "price@price-hiller.com";
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
+  services.nginx.virtualHosts = {
+    "price-hiller.com" = {
+      forceSSL = true;
+      enableACME = true;
+      root = inputs.blog.packages.${pkgs.system}.default;
+      locations = {
+        "/" = {
+          extraConfig = ''
+            if ($request_uri ~ ^/(.*)\.html(\?|$)) {
+                return 302 /$1;
+            }
+            try_files $uri $uri.html $uri/ =404;
+          '';
+          index = "home.html";
+        };
+        "/.well-known/openpgpkey/hu/rnmhgp3dsaq8hjgu49j8oongugr5cg4" = {
+          index = pkgs.writeText "pgp-pub-wkd" builtins.readFile ./public-pgp-key.asc;
+          extraConfig = ''
+            default_type application/octet-stream;
+            add_header Access-Control-Allow-Origin "*";
+          '';
+        };
+      };
+    };
+  };
+}
diff --git a/hosts/luna/modules/services/nginx/gpg-wkd/rnmhgp3dsaq8hjgu49j8oongugr5cg4j b/hosts/luna/modules/services/nginx/gpg-wkd/rnmhgp3dsaq8hjgu49j8oongugr5cg4j
new file mode 100644
index 0000000000000000000000000000000000000000..a137239c0895b748a8e1e350f4560be1c9c88b31
GIT binary patch
literal 1078
zcmbPX%#wQQKaUuvHX9=g<1Kf7Mn-mr(pqh<wWd2--p_Ckzt5*xTUVGpPuU>Kx4%g6
zT*@-nge_VDMVZN|3Lcp`IjKboHU%J_Lw-?aex7bgYH~(ieolURW@@osX1-m=WENpD
zE(U8cMV5pgF{@9s+iDhbcKkj3>+bUv!QQV~nLySvNi(x@b8@gVF)1;ziE?pra5J%p
zF)=eT$+0tuH!yH<3c%E>yD>5>YPzvq^=9{)NijcH7>G@~5N3HuO({NN8CQY*uJi+^
z_AoNcbhiFqI7LS?JlD}yG-A5$J(HcM{Qj<5xk{5!PE6LBYl|v24}iU)n*sKeUUGh}
zT}L0-?PfULp5CD)2Xs3N$n7j3ce8?A&A=qbiso$o5{5tgg2h);#I@dkWIlg0O7Y5c
zgOraN7oHZcPsnYbU=W<Ojgeu6&+dSC3*P<tXK?M5mw4h9VJ7D<mogu#|CLVqxn{{e
z&K(xu$P(fLN7nREMpjU4Nk3$KeMDLF)6Qk7lg?zEW_q4GiA{DbYf|QQlPMnsT%ws7
zIoLZYSR{b4pn%gSkXYbB4(j*?j11Ql;~iE;D#@HkjSKm3`0G7+uEJ;Y7ipdq?+rAv
z@zJ(n_+MyM_GI@-oz1}&%KN?sa$Z#FpZ@Hv+VWegYPPq}ur}q|0Zd@08Ld$h*h{gE
zns1w<=Zp8sFl^^w;k%Y5G3D=HnYpJ{U7D`>!z_ZZbAd)ONh=^bmy?m<ue54^L+GA^
z_g_8`{<Asp>-D19vpHQj&z|DcuXr^(m;F2=!;OT9lt^KopZy{$awN-getG%EZ5P~h
zKC>xEZrZ)%i_Bo>N++T^x9ixZq~B8_1FW~Rl*|s|2<2ZgN#I%H7Biu?jaJFk%kFi&
zCltD;r4yN?nHU-o3As#xMG_bzvcMRbzwmHy&GVg$G?S0s*8Jgdm$TmT4KQB-^?>{b
z6G>=d_{~=HpEKFb;#ZyTHTg?QXCIxuGw<U+vx0Y}M+0uHKl|n|!~a@~d?9Ih(}4DC
zYU|h!@R?}u-!^^96fJ=pCkwgcEp9RH3u5>m6Va)>LHD_Zi)rl@vDgJ|*H_<ORN%{e
xdKPneGQ<C3HirL6%B$s9@_uVG{a$n-b=}7Ds$WJNkL6otJ(e$gZvHHi0RTq}uK)l5

literal 0
HcmV?d00001