properly refactored flame
This commit is contained in:
parent
b4417a6acd
commit
6c7439894b
@ -15,12 +15,7 @@ let
|
||||
config.my.servers.drpp.enable
|
||||
config.my.servers.plex-discord-bot.enable
|
||||
];
|
||||
filterNames =
|
||||
file:
|
||||
file != "base.nix"
|
||||
&& file != "setup.nix"
|
||||
&& file != "librewolf.nix"
|
||||
&& file != "server-factory.nix";
|
||||
filterNames = file: file != "base.nix" && file != "setup.nix" && file != "librewolf.nix";
|
||||
autoImport =
|
||||
dir:
|
||||
builtins.readDir ./${dir}
|
||||
@ -36,11 +31,10 @@ in
|
||||
++ autoImport "servers"
|
||||
++ autoImport "services"
|
||||
++ autoImport "shell"
|
||||
++ autoImport "network"
|
||||
++ [
|
||||
./nix/build.nix
|
||||
./users/nixremote.nix
|
||||
./network/firewall.nix
|
||||
./network/nginx.nix
|
||||
];
|
||||
options.my = {
|
||||
localhost = lib.mkOption {
|
||||
@ -154,16 +148,5 @@ in
|
||||
recommendedGzipSettings = true;
|
||||
recommendedProxySettings = true;
|
||||
};
|
||||
networking.firewall =
|
||||
let
|
||||
ports = [
|
||||
config.services.nginx.defaultHTTPListenPort
|
||||
config.services.nginx.defaultSSLListenPort
|
||||
];
|
||||
in
|
||||
{
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@ -50,8 +50,8 @@ in
|
||||
|> map (srv: srv.port)
|
||||
)
|
||||
++ (lib.optionals config.services.nginx.enable [
|
||||
80
|
||||
443
|
||||
config.services.nginx.defaultHTTPListenPort
|
||||
config.services.nginx.defaultSSLListenPort
|
||||
]);
|
||||
};
|
||||
}
|
||||
|
||||
@ -15,6 +15,8 @@ let
|
||||
"kavita"
|
||||
"multi-scrobbler"
|
||||
"nix-serve"
|
||||
"flame"
|
||||
"flameSecret"
|
||||
];
|
||||
proxyReverseFixServices = [
|
||||
"audiobookshelf"
|
||||
|
||||
@ -11,10 +11,6 @@ in
|
||||
flameSecret = setup.mkOptions "flameSecret" "qampqwn4wprhqny8h8zj" 5007;
|
||||
};
|
||||
config = lib.mkIf enable {
|
||||
networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal || !cfgS.isLocal) [
|
||||
cfg.port
|
||||
cfgS.port
|
||||
];
|
||||
sops.secrets = {
|
||||
flame.sopsFile = ../../secrets/env.yaml;
|
||||
};
|
||||
@ -47,9 +43,5 @@ in
|
||||
};
|
||||
};
|
||||
};
|
||||
services.nginx.virtualHosts = lib.mkIf enable {
|
||||
"${cfg.host}" = lib.mkIf cfg.enableProxy (setup.proxyReverse cfg);
|
||||
"${cfgS.host}" = lib.mkIf cfgS.enableProxy (setup.proxyReverse cfgS);
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user