rico2: setup the proofs subdomain

home/programs/git.nix

@@ -9,7 +9,7 @@ in {
     userEmail = user.primary.emailAddress;
     userName = user.primary.realName;
     signing = {
-      key = user.primary.signingKey;
+      key = user.primary.pgpFingerprint;
       signByDefault = true;
     };
     extraConfig = {

hosts/rico2/containers/adtya.xyz.nix

@@ -5,7 +5,6 @@
   };
 
   services.caddy.virtualHosts."adtya.xyz" = {
-    hostName = "adtya.xyz";
     serverAliases = ["www.adtya.xyz"];
     extraConfig = ''
       reverse_proxy http://127.0.0.1:3000

hosts/rico2/services/caddy.nix

@@ -1,8 +1,14 @@
 {...}: let
-  caddy_config = (import ../../../secrets.nix).caddy_config;
+  secrets = import ../../../secrets.nix;
 in {
   services.caddy = {
     enable = true;
-    email = caddy_config.email;
+    email = secrets.caddy_config.email;
+
+    virtualHosts."proofs.adtya.xyz" = {
+      extraConfig = ''
+        redir https://keyoxide.org/hkp/${secrets.users.primary.pgpFingerprint}
+      '';
+    };
   };
 }

hosts/rico2/services/frpc.nix

@@ -45,5 +45,15 @@ in {
     type = https
     custom_domains = www.adtya.xyz
     local_port = 443
+
+    [http.proofs.adtya.xyz]
+    type = http
+    custom_domains = proofs.adtya.xyz
+    local_port = 80
+
+    [https.proofs.adtya.xyz]
+    type = https
+    custom_domains = proofs.adtya.xyz
+    local_port = 443
   '';
 }

hosts/rico2/services/ssh.nix

@@ -1,4 +1,4 @@
-{ ... }: {
+{...}: {
   services.openssh = {
     enable = true;
     settings = {