From 1d7ccef31674e8bf3abeb519702cb7ef52a52d97 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= <dev@felschr.com>
Date: Thu, 7 Mar 2024 20:13:13 +0100
Subject: [PATCH] feat(authelia): update webfinger

---
 services/authelia.nix | 47 ++++++++++++++++++++++++++++++++++---------
 1 file changed, 37 insertions(+), 10 deletions(-)

diff --git a/services/authelia.nix b/services/authelia.nix
index b47998b..1e0ec30 100644
--- a/services/authelia.nix
+++ b/services/authelia.nix
@@ -8,17 +8,44 @@ let
   redis = config.services.redis.servers.authelia;
   cfg = config.services.authelia.instances.main;
 
-  mkWebfinger = v:
-    pkgs.writeTextDir (lib.escapeURL v.subject) (lib.generators.toJSON { } v);
+  mkWebfinger = config: file:
+    pkgs.writeTextDir file (lib.generators.toJSON { } config);
+  mkWebfingers = { subject, ... }@config:
+    map (mkWebfinger config) [ subject (lib.escapeURL subject) ];
   webfingerRoot = pkgs.symlinkJoin {
     name = "felschr.com-webfinger";
-    paths = builtins.map mkWebfinger [{
-      subject = "acct:me@felschr.com";
-      links = [{
-        rel = "http://openid.net/specs/connect/1.0/issuer";
-        href = "https://auth.felschr.com";
-      }];
-    }];
+    paths = lib.flatten (builtins.map mkWebfingers [
+      {
+        subject = "acct:me@felschr.com";
+        links = [{
+          rel = "http://openid.net/specs/connect/1.0/issuer";
+          href = "https://auth.felschr.com";
+        }];
+      }
+      {
+        subject = "acct:felschr@fosstodon.org";
+        aliases = [
+          "https://fosstodon.org/@felschr"
+          "https://fosstodon.org/users/felschr"
+        ];
+        links = [
+          {
+            rel = "http://webfinger.net/rel/profile-page";
+            type = "text/html";
+            href = "https://fosstodon.org/@felschr";
+          }
+          {
+            rel = "self";
+            type = "application/activity+json";
+            href = "https://fosstodon.org/users/felschr";
+          }
+          {
+            rel = "http://ostatus.org/schema/1.0/subscribe";
+            template = "https://fosstodon.org/authorize_interaction?uri={uri}";
+          }
+        ];
+      }
+    ]);
   };
 
   smtpAccount = config.programs.msmtp.accounts.default;
@@ -188,7 +215,7 @@ in {
         if ($arg_resource) {
           rewrite ^(.*)$ /$arg_resource break;
         }
-        return 400;
+        rewrite ^(.*)$ /acct:felschr@fosstodon.org break;
       '';
     };
   };