modified setup.nix so that the proxy functions take cfg

2025-01-22 03:54:23 -06:00
parent d477f15cbc
commit 0152d4a1a8
21 changed files with 30 additions and 58 deletions
--- a/modules/servers/atticd.nix
+++ b/modules/servers/atticd.nix
@@ -31,7 +31,7 @@ in
        };
      };
      nginx.virtualHosts."cache.rotehaare.art" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverseFix cfg.hostName cfg.port // { }
+        setup.proxyReverseFix cfg // { }
      );
    };
  };
--- a/modules/servers/audiobookshelf.nix
+++ b/modules/servers/audiobookshelf.nix
@@ -6,15 +6,16 @@ in
 {
  options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
  config = {
+    my.servers.audiobookshelf.ip = "127.0.0.3";
    services = {
      audiobookshelf = lib.mkIf cfg.enable {
        inherit (cfg) port;
        enable = true;
+        host = cfg.ip;
        group = "piracy";
-        openFirewall = true;
      };
      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxy {
+        setup.proxy cfg {
          "/" = {
            proxyPass = cfg.local;
            extraConfig = ''
--- a/modules/servers/bazarr.nix
+++ b/modules/servers/bazarr.nix
@@ -12,9 +12,7 @@ in
        enable = true;
        group = "piracy";
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/flame.nix
+++ b/modules/servers/flame.nix
@@ -47,8 +47,8 @@ in
    };
    services.nginx = {
      virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) {
-        "${cfg.host}" = setup.proxyReverse cfg.hostName cfg.port // { };
-        "${cfgS.host}" = setup.proxyReverse cfgS.hostName cfgS.port // { };
+        "${cfg.host}" = setup.proxyReverse cfg // { };
+        "${cfgS.host}" = setup.proxyReverse cfgS // { };
      };
    };
  };
--- a/modules/servers/homepage.nix
+++ b/modules/servers/homepage.nix
@@ -22,9 +22,7 @@ in
          |> builtins.filter (file: builtins.match ".*\\.nix" file != null)
          |> map (file: import ./homepage/bookmarks/${file});
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/kavita.nix
+++ b/modules/servers/kavita.nix
@@ -24,9 +24,7 @@ in
        enable = true;
        tokenKeyFile = config.sops.secrets.kavita-token.path;
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/lidarr.nix
+++ b/modules/servers/lidarr.nix
@@ -30,7 +30,7 @@ in
      ];
    };
    services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-      setup.proxyReverseFix cfg.hostName cfg.port // { }
+      setup.proxyReverseFix cfg // { }
    );
  };
 }
--- a/modules/servers/maloja.nix
+++ b/modules/servers/maloja.nix
@@ -23,7 +23,7 @@ in
      volumes = [ "${config.my.containerData}/maloja:/mljdata" ];
    };
    services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-      setup.proxyReverse cfg.hostName cfg.port // { }
+      setup.proxyReverse cfg // { }
    );
  };
 }
--- a/modules/servers/mealie.nix
+++ b/modules/servers/mealie.nix
@@ -27,9 +27,7 @@ in
        };
        credentialsFile = config.sops.secrets.mealie.path;
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/metube.nix
+++ b/modules/servers/metube.nix
@@ -22,7 +22,7 @@ in
      };
    };
    services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-      setup.proxyReverse cfg.hostName cfg.port // { }
+      setup.proxyReverse cfg // { }
    );
  };
 }
--- a/modules/servers/microbin.nix
+++ b/modules/servers/microbin.nix
@@ -20,9 +20,7 @@ in
          MICROBIN_ENCRYPTION_SERVER_SIDE = true;
        };
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/multi-scrobbler.nix
+++ b/modules/servers/multi-scrobbler.nix
@@ -24,7 +24,7 @@ in
      volumes = [ "${config.my.containerData}/multi-scrobbler:/config" ];
    };
    services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-      setup.proxyReverse cfg.hostName cfg.port // { }
+      setup.proxyReverse cfg // { }
    );
  };
 }
--- a/modules/servers/nix-serve.nix
+++ b/modules/servers/nix-serve.nix
@@ -20,9 +20,7 @@ in
        inherit (cfg) port;
        secretKeyFile = config.sops.secrets."private_cache_keys/miniserver".path;
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/ombi.nix
+++ b/modules/servers/ombi.nix
@@ -12,9 +12,7 @@ in
        port = cfg.port;
        openFirewall = (!cfg.isLocal);
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverseFix cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
    };
  };
 }
--- a/modules/servers/prowlarr.nix
+++ b/modules/servers/prowlarr.nix
@@ -23,9 +23,7 @@ in
        package = pkgs.nur.repos.xddxdd.flaresolverr-21hsmw;
        openFirewall = true;
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverseFix cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
    };
  };
 }
--- a/modules/servers/radarr.nix
+++ b/modules/servers/radarr.nix
@@ -12,9 +12,7 @@ in
        enable = true;
        group = "piracy";
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverseFix cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
    };
  };
 }
--- a/modules/servers/ryot.nix
+++ b/modules/servers/ryot.nix
@@ -20,7 +20,7 @@ in
      volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
    };
    services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-      setup.proxyReverse cfg.hostName cfg.port // { }
+      setup.proxyReverse cfg // { }
    );
  };
 }
--- a/modules/servers/setup.nix
+++ b/modules/servers/setup.nix
@@ -41,30 +41,25 @@ let
      default = "${config.my.servers.${name}.hostName}" == config.my.mainServer;
    };
  };
-  proxy = locations: {
+  proxy = cfg: locations: {
    inherit locations;
    forceSSL = true;
    enableACME = true;
    http2 = true;
+    # listenAddresses = [ cfg.ip ];
  };
-  proxyReverse =
-    host: port:
-    let
-      useLocalhost = host == config.networking.hostName;
-      proxyTarget = if useLocalhost then config.my.localhost else config.my.ips."${host}";
-    in
-    proxy { "/".proxyPass = "http://${proxyTarget}:${toString port}/"; };
+  proxyReverse = cfg: proxy cfg { "/".proxyPass = "http://${cfg.ip}:${toString cfg.port}/"; };
  proxyReverseFix =
-    host: port:
+    cfg:
    let
-      useLocalhost = host == config.networking.hostName;
+      useLocalhost = cfg.hostName == config.networking.hostName;
      localHeaders = ''
        proxy_set_header   Host $host;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
      '';
    in
-    proxyReverse host port
+    proxyReverse cfg
    // {
      extraConfig = ''
        ${if useLocalhost then localHeaders else ""}
--- a/modules/servers/shiori.nix
+++ b/modules/servers/shiori.nix
@@ -10,14 +10,12 @@ in
    sops.secrets = lib.mkIf cfg.enable { shiori.sopsFile = ../../secrets/env.yaml; };
    services = {
      shiori = lib.mkIf cfg.enable {
-        enable = true;
        inherit (cfg) port;
+        enable = true;
        environmentFile = config.sops.secrets.shiori.path;
        databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }
--- a/modules/servers/sonarr.nix
+++ b/modules/servers/sonarr.nix
@@ -12,9 +12,7 @@ in
        group = "piracy";
        openFirewall = (!cfg.isLocal);
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverseFix cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
    };
  };
 }
--- a/modules/servers/vaultwarden.nix
+++ b/modules/servers/vaultwarden.nix
@@ -31,9 +31,7 @@ in
          LOG_LEVEL = "warn";
        };
      };
-      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
-        setup.proxyReverse cfg.hostName cfg.port // { }
-      );
+      nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
    };
  };
 }