jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/modules/servers/setup.nix

87 lines
2.3 KiB
Nix
Raw Blame History

{ lib, config, ... }:
let
mkOptions = name: subdomain: port: {
enable = lib.mkEnableOption "enable";
enableCron = lib.mkEnableOption "enable cronjob";
enableProxy = lib.mkEnableOption "enable reverse proxy";
port = lib.mkOption {
type = lib.types.int;
default = port;
};
name = lib.mkOption {
type = lib.types.str;
default = name;
};
host = lib.mkOption {
type = lib.types.str;
default = "${subdomain}.${config.my.domain}";
};
hostName = lib.mkOption {
type = lib.types.str;
default = config.networking.hostName;
};
url = lib.mkOption {
type = lib.types.str;
default = "https://${config.my.servers.${name}.host}";
};
ip = lib.mkOption {
type = lib.types.str;
default =
if config.my.servers."${name}".isLocal then
config.my.localhost
else
config.my.ips."${config.my.servers.${name}.hostName}";
};
local = lib.mkOption {
type = lib.types.str;
default = "http://${config.my.servers.${name}.ip}:${toString port}";
};
isLocal = lib.mkOption {
type = lib.types.bool;
default = "${config.my.servers.${name}.hostName}" == config.my.mainServer;
};
};
proxy = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
http2 = true;
};
proxyReverse =
host: port:
let
useLocalhost = host == config.networking.hostName;
proxyTarget = if useLocalhost then config.my.localhost else config.my.ips."${host}";
in
proxy { "/".proxyPass = "http://${proxyTarget}:${toString port}/"; };
proxyReverseFix =
host: port:
let
useLocalhost = host == config.networking.hostName;
localHeaders = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
in
proxyReverse host port
// {
extraConfig = ''
${if useLocalhost then localHeaders else ""}
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_http_version 1.1;
'';
};
in
{
inherit
mkOptions
proxy
proxyReverse
proxyReverseFix
;
}
Reference in New Issue View Git Blame Copy Permalink