jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

modified setup.nix so that the proxy functions take cfg

Browse Source
This commit is contained in:
Danilo Reyes
2025-01-22 03:54:23 -06:00
parent d477f15cbc
commit 0152d4a1a8
21 changed files with 30 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/servers/atticd.nix
View File

@@ -31,7 +31,7 @@ in
}; };
}; };
nginx.virtualHosts."cache.rotehaare.art" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."cache.rotehaare.art" = lib.mkIf cfg.enableProxy (
setup.proxyReverseFix cfg.hostName cfg.port // { } setup.proxyReverseFix cfg // { }
); );
}; };
}; };

5
modules/servers/audiobookshelf.nix
View File

@@ -6,15 +6,16 @@ in
{ {
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687; options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
config = { config = {
my.servers.audiobookshelf.ip = "127.0.0.3";
services = { services = {
audiobookshelf = lib.mkIf cfg.enable { audiobookshelf = lib.mkIf cfg.enable {
inherit (cfg) port; inherit (cfg) port;
enable = true; enable = true;
host = cfg.ip;
group = "piracy"; group = "piracy";
openFirewall = true;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxy { setup.proxy cfg {
"/" = { "/" = {
proxyPass = cfg.local; proxyPass = cfg.local;
extraConfig = '' extraConfig = ''

4
modules/servers/bazarr.nix
View File

@@ -12,9 +12,7 @@ in
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/flame.nix
View File

@@ -47,8 +47,8 @@ in
}; };
services.nginx = { services.nginx = {
virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) { virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) {
"${cfg.host}" = setup.proxyReverse cfg.hostName cfg.port // { }; "${cfg.host}" = setup.proxyReverse cfg // { };
"${cfgS.host}" = setup.proxyReverse cfgS.hostName cfgS.port // { }; "${cfgS.host}" = setup.proxyReverse cfgS // { };
}; };
}; };
}; };

4
modules/servers/homepage.nix
View File

@@ -22,9 +22,7 @@ in
|> builtins.filter (file: builtins.match ".*\\.nix" file != null) |> builtins.filter (file: builtins.match ".*\\.nix" file != null)
|> map (file: import ./homepage/bookmarks/${file}); |> map (file: import ./homepage/bookmarks/${file});
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/kavita.nix
View File

@@ -24,9 +24,7 @@ in
enable = true; enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path; tokenKeyFile = config.sops.secrets.kavita-token.path;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

2
modules/servers/lidarr.nix
View File

@@ -30,7 +30,7 @@ in
]; ];
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverseFix cfg.hostName cfg.port // { } setup.proxyReverseFix cfg // { }
); );
}; };
} }

2
modules/servers/maloja.nix
View File

@@ -23,7 +23,7 @@ in
volumes = [ "${config.my.containerData}/maloja:/mljdata" ]; volumes = [ "${config.my.containerData}/maloja:/mljdata" ];
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg // { }
); );
}; };
} }

4
modules/servers/mealie.nix
View File

@@ -27,9 +27,7 @@ in
}; };
credentialsFile = config.sops.secrets.mealie.path; credentialsFile = config.sops.secrets.mealie.path;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

2
modules/servers/metube.nix
View File

@@ -22,7 +22,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg // { }
); );
}; };
} }

4
modules/servers/microbin.nix
View File

@@ -20,9 +20,7 @@ in
MICROBIN_ENCRYPTION_SERVER_SIDE = true; MICROBIN_ENCRYPTION_SERVER_SIDE = true;
}; };
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

2
modules/servers/multi-scrobbler.nix
View File

@@ -24,7 +24,7 @@ in
volumes = [ "${config.my.containerData}/multi-scrobbler:/config" ]; volumes = [ "${config.my.containerData}/multi-scrobbler:/config" ];
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg // { }
); );
}; };
} }

4
modules/servers/nix-serve.nix
View File

@@ -20,9 +20,7 @@ in
inherit (cfg) port; inherit (cfg) port;
secretKeyFile = config.sops.secrets."private_cache_keys/miniserver".path; secretKeyFile = config.sops.secrets."private_cache_keys/miniserver".path;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/ombi.nix
View File

@@ -12,9 +12,7 @@ in
port = cfg.port; port = cfg.port;
openFirewall = (!cfg.isLocal); openFirewall = (!cfg.isLocal);
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
setup.proxyReverseFix cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/prowlarr.nix
View File

@@ -23,9 +23,7 @@ in
package = pkgs.nur.repos.xddxdd.flaresolverr-21hsmw; package = pkgs.nur.repos.xddxdd.flaresolverr-21hsmw;
openFirewall = true; openFirewall = true;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
setup.proxyReverseFix cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/radarr.nix
View File

@@ -12,9 +12,7 @@ in
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
setup.proxyReverseFix cfg.hostName cfg.port // { }
);
}; };
}; };
} }

2
modules/servers/ryot.nix
View File

@@ -20,7 +20,7 @@ in
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ]; volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
setup.proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg // { }
); );
}; };
} }

17
modules/servers/setup.nix
View File

@@ -41,30 +41,25 @@ let
default = "${config.my.servers.${name}.hostName}" == config.my.mainServer; default = "${config.my.servers.${name}.hostName}" == config.my.mainServer;
}; };
}; };
proxy = locations: { proxy = cfg: locations: {
inherit locations; inherit locations;
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
http2 = true; http2 = true;
# listenAddresses = [ cfg.ip ];
}; };
proxyReverse = proxyReverse = cfg: proxy cfg { "/".proxyPass = "http://${cfg.ip}:${toString cfg.port}/"; };
host: port:
let
useLocalhost = host == config.networking.hostName;
proxyTarget = if useLocalhost then config.my.localhost else config.my.ips."${host}";
in
proxy { "/".proxyPass = "http://${proxyTarget}:${toString port}/"; };
proxyReverseFix = proxyReverseFix =
host: port: cfg:
let let
useLocalhost = host == config.networking.hostName; useLocalhost = cfg.hostName == config.networking.hostName;
localHeaders = '' localHeaders = ''
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
''; '';
in in
proxyReverse host port proxyReverse cfg
// { // {
extraConfig = '' extraConfig = ''
${if useLocalhost then localHeaders else ""} ${if useLocalhost then localHeaders else ""}

6
modules/servers/shiori.nix
View File

@@ -10,14 +10,12 @@ in
sops.secrets = lib.mkIf cfg.enable { shiori.sopsFile = ../../secrets/env.yaml; }; sops.secrets = lib.mkIf cfg.enable { shiori.sopsFile = ../../secrets/env.yaml; };
services = { services = {
shiori = lib.mkIf cfg.enable { shiori = lib.mkIf cfg.enable {
enable = true;
inherit (cfg) port; inherit (cfg) port;
enable = true;
environmentFile = config.sops.secrets.shiori.path; environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}"; databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/sonarr.nix
View File

@@ -12,9 +12,7 @@ in
group = "piracy"; group = "piracy";
openFirewall = (!cfg.isLocal); openFirewall = (!cfg.isLocal);
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverseFix cfg // { });
setup.proxyReverseFix cfg.hostName cfg.port // { }
);
}; };
}; };
} }

4
modules/servers/vaultwarden.nix
View File

@@ -31,9 +31,7 @@ in
LOG_LEVEL = "warn"; LOG_LEVEL = "warn";
}; };
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg // { });
setup.proxyReverse cfg.hostName cfg.port // { }
);
}; };
}; };
} }