31 lines
1 KiB
Nix
31 lines
1 KiB
Nix
|
{ config, pkgs, lib, assets, ... }:
|
||
|
|
let
|
||
|
|
server_name = "ingolf-wagner.de";
|
||
|
|
in
|
||
|
|
{
|
||
|
|
# check :
|
||
|
|
# - https://metacode.biz/openpgp/web-key-directory
|
||
|
|
# - $> gpg --homedir "$(mktemp -d)" -v --auto-key-locate clear,wkd,nodefault --locate-key contact@ingolf-wagner.de
|
||
|
|
services.nginx.virtualHosts.${server_name}.locations =
|
||
|
|
let
|
||
|
|
wkd =
|
||
|
|
{
|
||
|
|
extraConfig = ''
|
||
|
|
default_type application/octet-stream;
|
||
|
|
add_header Access-Control-Allow-Origin * always;
|
||
|
|
'';
|
||
|
|
#alias = pkgs.runCommand "contact@ingolf-wagner.de" { } ''
|
||
|
|
# cat ${assets}/contact@ingolf-wagner.de.gpg | ${pkgs.gnupg}/bin/gpg --dearmor > $out
|
||
|
|
#'';
|
||
|
|
alias = toString "${assets}/contact@ingolf-wagner.de.gpg";
|
||
|
|
};
|
||
|
|
in
|
||
|
|
{
|
||
|
|
"= /.well-known/openpgpkey/policy".return = "200";
|
||
|
|
# hashes generated by : gpg --with-wkd-hash --fingerprint contact@ingolf-wagner.de
|
||
|
|
"= /.well-known/openpgpkey/hu/dj3498u4hyyarh35rkjfnghbjxug6b19" = wkd;
|
||
|
|
};
|
||
|
|
|
||
|
|
# todo openpgpkey.ingolf-wagner.de noch einrichten
|
||
|
|
}
|