c3d2-web: cleanup

hosts/c3d2-web/default.nix

@@ -1,12 +1,11 @@
 { config, hostRegistry, lib, pkgs, ... }:
-let
-  webroot = "/var/www";
-in
+
 {
   microvm = {
     vcpu = 4;
     mem = 2 * 1024; # drone-ssh-runner clones the git repo which requires some RAM
   };
+
   c3d2.deployment = {
     # /tmp is to small for drone to clone the repo even with depth
     mounts = lib.mkOptionDefault [ "tmp" ];
@@ -15,13 +14,15 @@ in
 
   system.stateVersion = "22.05";
 
-  networking.hostName = "c3d2-web";
-  networking.firewall.allowedTCPPorts = [
-    # telme10
-    23
-    # gemini
-    1965
-  ];
+  networking = {
+    hostName = "c3d2-web";
+    firewall.allowedTCPPorts = [
+      # telme10
+      23
+      # gemini
+      1965
+    ];
+  };
 
   security.acme.certs = {
     # agate cannot load modern crypto like "ec256" keys
@@ -42,7 +43,7 @@ in
         ];
         enableACME = true;
         forceSSL = true;
-        root = "${webroot}/c3d2";
+        root = "/var/www/c3d2";
         extraConfig = ''
           index portal.html index.html;
         '';
@@ -87,7 +88,7 @@ in
         ];
         enableACME = true;
         forceSSL = true;
-        root = "${webroot}/c3d2/datenspuren";
+        root = "/var/www/c3d2/datenspuren";
         extraConfig = ''
           index index.html;
           rewrite ^/$ /2023/ redirect;
@@ -99,7 +100,7 @@ in
       "autotopia.c3d2.de" = {
         enableACME = true;
         forceSSL = true;
-        root = "${webroot}/c3d2/autotopia";
+        root = "/var/www/c3d2/autotopia";
         extraConfig = ''
           index index.html;
           rewrite ^/$ /2020/ redirect;
@@ -118,6 +119,7 @@ in
       };
     };
   };
+
   # Gemini server
   services.agate = {
     enable = true;
@@ -218,7 +220,7 @@ in
   };
 
   systemd.tmpfiles.rules = with config.users.users.c3d2-web; [
-    "d ${webroot}/c3d2 0755 c3d2-web ${group} -"
+    "d /var/www/c3d2 0755 c3d2-web ${group} -"
     "d ${config.services.agate.contentDir} 0755 c3d2-web ${group} -"
     "d ${home} 0700 c3d2-web ${group} -"
   ];