jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

migrated lambdas to setup.nix + lambda for server files

Browse Source
This commit is contained in:
Danilo Reyes 2024-10-02 18:16:06 -06:00
parent 6181709ca3
commit ef00d45148
21 changed files with 118 additions and 347 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

213
modules/servers.nix
View File

@ -1,48 +1,5 @@
{ { lib, config, ... }:
lib,
config,
pkgs,
...
}:
let let
setup = import ./servers/setup.nix { inherit lib config; };
proxy = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
http2 = true;
};
proxyReverse =
host: port:
let
useLocalhost = host == config.networking.hostName;
proxyTarget = if useLocalhost then config.my.localhost else config.my.ips."${host}";
in
proxy { "/".proxyPass = "http://${proxyTarget}:${toString port}/"; };
proxyReverseArr =
host: port:
let
useLocalhost = host == config.networking.hostName;
headers = ''
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_http_version 1.1;
'';
localHeaders = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
in
proxyReverse host port
// {
extraConfig = ''
${if useLocalhost then localHeaders else ""}
${headers}
'';
};
enableContainers = lib.any (opt: opt) [ enableContainers = lib.any (opt: opt) [
config.my.servers.collabora.enable config.my.servers.collabora.enable
config.my.servers.ryot.enable config.my.servers.ryot.enable
@ -57,167 +14,13 @@ let
]; ];
in in
{ {
imports = [ imports =
./servers/adguardhome.nix let
(import ./servers/paperless.nix { inherit lib config; }) serverFiles = builtins.filter (
./servers/postgres.nix file: builtins.match ".*\\.nix" file != null && file != "setup.nix"
(import ./servers/audiobookshelf.nix { ) (builtins.attrNames (builtins.readDir ./servers));
inherit in
lib map (file: ./servers/${file}) serverFiles;
config
proxy
setup
;
})
(import ./servers/bazarr.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/flame.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/homepage.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/jellyfin.nix {
inherit
lib
config
pkgs
setup
;
})
(import ./servers/kavita.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/lidarr.nix {
inherit
lib
config
proxyReverseArr
setup
;
})
(import ./servers/maloja.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/mealie.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/metube.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/microbin.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/multi-scrobbler.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/nextcloud.nix {
inherit
lib
config
pkgs
setup
;
})
(import ./servers/prowlarr.nix {
inherit
lib
config
proxyReverseArr
setup
;
})
(import ./servers/qbittorrent.nix { inherit lib config pkgs; })
(import ./servers/sabnzbd.nix { inherit lib config; })
(import ./servers/radarr.nix {
inherit
lib
config
proxyReverseArr
setup
;
})
(import ./servers/ryot.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/shiori.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/sonarr.nix {
inherit
lib
config
proxyReverse
setup
;
})
(import ./servers/vaultwarden.nix {
inherit
lib
config
pkgs
proxyReverse
setup
;
})
(import ./servers/firefly-iii.nix { inherit lib config; })
];
options.my = { options.my = {
localhost = lib.mkOption { localhost = lib.mkOption {
type = lib.types.str; type = lib.types.str;

39
modules/servers/audiobookshelf.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxy,
setup,
...
}:
let let
cfg = config.my.servers.audiobookshelf; cfg = config.my.servers.audiobookshelf;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687; options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
@ -18,20 +13,22 @@ in
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (proxy { nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
"/" = { setup.proxy {
proxyPass = cfg.local; "/" = {
extraConfig = '' proxyPass = cfg.local;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; extraConfig = ''
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Host $host;
proxy_set_header Connection "upgrade"; proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1; proxy_set_header Connection "upgrade";
proxy_redirect http:// https://; proxy_http_version 1.1;
''; proxy_redirect http:// https://;
}; '';
}); };
}
);
}; };
}; };
} }

11
modules/servers/bazarr.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.bazarr; cfg = config.my.servers.bazarr;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.bazarr = setup.mkOptions "bazarr" "subs" config.services.bazarr.listenPort; options.my.servers.bazarr = setup.mkOptions "bazarr" "subs" config.services.bazarr.listenPort;
@ -18,7 +13,7 @@ in
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

13
modules/servers/flame.nix
View File

@ -1,14 +1,9 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.flame; cfg = config.my.servers.flame;
cfgS = config.my.servers.flameSecret; cfgS = config.my.servers.flameSecret;
enable = (cfg.enable || cfgS.enable); enable = (cfg.enable || cfgS.enable);
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers = { options.my.servers = {
@ -52,8 +47,8 @@ in
}; };
services.nginx = { services.nginx = {
virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) { virtualHosts = lib.mkIf (cfg.enableProxy || cfgS.enableProxy) {
"${cfg.host}" = proxyReverse cfg.hostName cfg.port // { }; "${cfg.host}" = setup.proxyReverse cfg.hostName cfg.port // { };
"${cfgS.host}" = proxyReverse cfgS.hostName cfgS.port // { }; "${cfgS.host}" = setup.proxyReverse cfgS.hostName cfgS.port // { };
}; };
}; };
}; };

11
modules/servers/homepage.nix
View File

@ -1,13 +1,8 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
services = import ./homepage/services.nix { inherit config lib; }; services = import ./homepage/services.nix { inherit config lib; };
cfg = config.my.servers.homepage; cfg = config.my.servers.homepage;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.homepage = setup.mkOptions "homepage" "home" 8082; options.my.servers.homepage = setup.mkOptions "homepage" "home" 8082;
@ -127,7 +122,7 @@ in
]; ];
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

2
modules/servers/jellyfin.nix
View File

@ -2,7 +2,6 @@
lib, lib,
config, config,
pkgs, pkgs,
setup,
... ...
}: }:
let let
@ -19,6 +18,7 @@ let
pkgs.gum pkgs.gum
sub-sync sub-sync
]; ];
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096; options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096;

11
modules/servers/kavita.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.kavita; cfg = config.my.servers.kavita;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.kavita = setup.mkOptions "kavita" "library" config.services.kavita.settings.Port; options.my.servers.kavita = setup.mkOptions "kavita" "library" config.services.kavita.settings.Port;
@ -27,7 +22,7 @@ in
tokenKeyFile = config.sops.secrets.kavita-token.path; tokenKeyFile = config.sops.secrets.kavita-token.path;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

11
modules/servers/lidarr.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverseArr,
setup,
...
}:
let let
cfg = config.my.servers.lidarr; cfg = config.my.servers.lidarr;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.lidarr = setup.mkOptions "lidarr" "music" 8686; options.my.servers.lidarr = setup.mkOptions "lidarr" "music" 8686;
@ -38,7 +33,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverseArr cfg.hostName cfg.port // { } setup.proxyReverseArr cfg.hostName cfg.port // { }
); );
}; };
} }

11
modules/servers/maloja.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.maloja; cfg = config.my.servers.maloja;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.maloja = setup.mkOptions "maloja" "maloja" 42010; options.my.servers.maloja = setup.mkOptions "maloja" "maloja" 42010;
@ -34,7 +29,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
} }

11
modules/servers/mealie.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.mealie; cfg = config.my.servers.mealie;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
disabledModules = [ "services/web-apps/mealie.nix" ]; disabledModules = [ "services/web-apps/mealie.nix" ];
@ -35,7 +30,7 @@ in
credentialsFile = config.sops.secrets.mealie.path; credentialsFile = config.sops.secrets.mealie.path;
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

11
modules/servers/metube.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.metube; cfg = config.my.servers.metube;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.metube = setup.mkOptions "metube" "bajameesta" 8881; options.my.servers.metube = setup.mkOptions "metube" "bajameesta" 8881;
@ -25,7 +20,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
} }

11
modules/servers/microbin.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.microbin; cfg = config.my.servers.microbin;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.microbin = setup.mkOptions "microbin" "copy" 8080; options.my.servers.microbin = setup.mkOptions "microbin" "copy" 8080;
@ -26,7 +21,7 @@ in
}; };
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

11
modules/servers/multi-scrobbler.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.multi-scrobbler; cfg = config.my.servers.multi-scrobbler;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.multi-scrobbler = setup.mkOptions "multi-scrobbler" "scrobble" 9078; options.my.servers.multi-scrobbler = setup.mkOptions "multi-scrobbler" "scrobble" 9078;
@ -35,7 +30,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
} }

2
modules/servers/nextcloud.nix
View File

@ -2,7 +2,6 @@
lib, lib,
config, config,
pkgs, pkgs,
setup,
... ...
}: }:
let let
@ -17,6 +16,7 @@ let
''; '';
cfg = config.my.servers.nextcloud; cfg = config.my.servers.nextcloud;
cfgC = config.my.servers.collabora; cfgC = config.my.servers.collabora;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers = { options.my.servers = {

11
modules/servers/prowlarr.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverseArr,
setup,
...
}:
let let
cfg = config.my.servers.prowlarr; cfg = config.my.servers.prowlarr;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.prowlarr = setup.mkOptions "prowlarr" "indexer" 9696; options.my.servers.prowlarr = setup.mkOptions "prowlarr" "indexer" 9696;
@ -19,7 +14,7 @@ in
services = { services = {
prowlarr.enable = cfg.enable; prowlarr.enable = cfg.enable;
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverseArr cfg.hostName cfg.port // { } setup.proxyReverseArr cfg.hostName cfg.port // { }
); );
}; };
virtualisation.oci-containers.containers.flaresolverr = lib.mkIf cfg.enable { virtualisation.oci-containers.containers.flaresolverr = lib.mkIf cfg.enable {

4
modules/servers/radarr.nix
View File

@ -2,11 +2,11 @@
lib, lib,
config, config,
proxyReverseArr, proxyReverseArr,
setup,
... ...
}: }:
let let
cfg = config.my.servers.radarr; cfg = config.my.servers.radarr;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.radarr = setup.mkOptions "radarr" "movies" 7878; options.my.servers.radarr = setup.mkOptions "radarr" "movies" 7878;
@ -18,7 +18,7 @@ in
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverseArr cfg.hostName cfg.port // { } setup.proxyReverseArr cfg.hostName cfg.port // { }
); );
}; };
}; };

11
modules/servers/ryot.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.ryot; cfg = config.my.servers.ryot;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.ryot = setup.mkOptions "ryot" "tracker" 8765; options.my.servers.ryot = setup.mkOptions "ryot" "tracker" 8765;
@ -31,7 +26,7 @@ in
}; };
}; };
services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( services.nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
} }

11
modules/servers/shiori.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.shiori; cfg = config.my.servers.shiori;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
disabledModules = [ "services/web-apps/shiori.nix" ]; disabledModules = [ "services/web-apps/shiori.nix" ];
@ -23,7 +18,7 @@ in
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}"; databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

11
modules/servers/sonarr.nix
View File

@ -1,12 +1,7 @@
{ { lib, config, ... }:
lib,
config,
proxyReverse,
setup,
...
}:
let let
cfg = config.my.servers.sonarr; cfg = config.my.servers.sonarr;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.sonarr = setup.mkOptions "sonarr" "series" 8989; options.my.servers.sonarr = setup.mkOptions "sonarr" "series" 8989;
@ -18,7 +13,7 @@ in
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

5
modules/servers/vaultwarden.nix
View File

@ -2,12 +2,11 @@
lib, lib,
config, config,
pkgs, pkgs,
proxyReverse,
setup,
... ...
}: }:
let let
cfg = config.my.servers.vaultwarden; cfg = config.my.servers.vaultwarden;
setup = import ../setup.nix { inherit lib config; };
in in
{ {
options.my.servers.vaultwarden = setup.mkOptions "vaultwarden" "vault" 8222; options.my.servers.vaultwarden = setup.mkOptions "vaultwarden" "vault" 8222;
@ -33,7 +32,7 @@ in
}; };
}; };
nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy ( nginx.virtualHosts."${cfg.host}" = lib.mkIf cfg.enableProxy (
proxyReverse cfg.hostName cfg.port // { } setup.proxyReverse cfg.hostName cfg.port // { }
); );
}; };
}; };

44
modules/servers/setup.nix → modules/setup.nix
View File

@ -41,7 +41,49 @@ let
default = "${config.my.servers.${name}.hostName}" == config.my.mainServer; default = "${config.my.servers.${name}.hostName}" == config.my.mainServer;
}; };
}; };
proxy = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
http2 = true;
};
proxyReverse =
host: port:
let
useLocalhost = host == config.networking.hostName;
proxyTarget = if useLocalhost then config.my.localhost else config.my.ips."${host}";
in
proxy { "/".proxyPass = "http://${proxyTarget}:${toString port}/"; };
proxyReverseArr =
host: port:
let
useLocalhost = host == config.networking.hostName;
headers = ''
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_http_version 1.1;
'';
localHeaders = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
in
proxyReverse host port
// {
extraConfig = ''
${if useLocalhost then localHeaders else ""}
${headers}
'';
};
in in
{ {
inherit mkOptions; inherit
mkOptions
proxy
proxyReverse
proxyReverseArr
;
} }