From be4fce11f46274872e5ab03b944b6bac2b3924e0 Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Wed, 29 Dec 2021 17:40:57 +0100 Subject: [PATCH] Refactored subdomains creation --- lib/default.nix | 12 ++++++++++++ modules/bincache/default.nix | 10 +--------- modules/drone/default.nix | 10 +--------- modules/filerun/default.nix | 26 +++++--------------------- modules/hydra/default.nix | 11 +---------- modules/jackett/default.nix | 12 +----------- modules/jellyfin/default.nix | 12 +----------- modules/nginx/default.nix | 1 + modules/radarr/default.nix | 13 +++---------- modules/sonarr/default.nix | 12 +----------- modules/transmission/default.nix | 12 +----------- 11 files changed, 28 insertions(+), 103 deletions(-) diff --git a/lib/default.nix b/lib/default.nix index b7cdebb..8f0597d 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -10,6 +10,7 @@ in { mkMachine = host: host-config: modules: nixpkgs.lib.nixosSystem { + lib = final; system = "x86_64-linux"; specialArgs = { inherit inputs; @@ -36,5 +37,16 @@ in importConfig = path: (mapAttrs (name: value: import (path + "/${name}/default.nix")) (readDir path)); + mkSubdomain = name: port: { + luj.nginx.enable = true; + services.nginx.virtualHosts."${name}.julienmalka.me" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://localhost:${toString port}"; + }; + }; + }; + } diff --git a/modules/bincache/default.nix b/modules/bincache/default.nix index b47a8ae..255c03f 100644 --- a/modules/bincache/default.nix +++ b/modules/bincache/default.nix @@ -32,13 +32,5 @@ with lib; port = port; }; - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - }; + } // mkSubdomain cfg.subdomain port; } diff --git a/modules/drone/default.nix b/modules/drone/default.nix index 967c1e6..8d8b8c1 100644 --- a/modules/drone/default.nix +++ b/modules/drone/default.nix @@ -93,13 +93,5 @@ in path = [ pkgs.nixUnstable pkgs.git pkgs.openssh ]; }; - services.nginx.virtualHosts."${cfg.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - - }; - }; + } // mkSubdomain cfg.subdomain port; } diff --git a/modules/filerun/default.nix b/modules/filerun/default.nix index 328b6d2..c6efd72 100644 --- a/modules/filerun/default.nix +++ b/modules/filerun/default.nix @@ -4,10 +4,14 @@ let cfg = config.luj.filerun; mysql_root_pw = [ (builtins.readFile /run/secrets/filerun-root-passwd) ]; mysql_pw = [ (builtins.readFile /run/secrets/filerun-passwd) ]; + port = 2000; in { options.luj.filerun = { enable = mkEnableOption "enable filerun service"; + subdomain = mkOption { + type = types.str; + }; }; @@ -79,26 +83,6 @@ in extraOptions = [ "--network=filerun-br" ]; }; - - luj.nginx.enable = true; - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."cloud.julienmalka.me" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://localhost:2000"; - extraConfig = '' - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-Port 443; - ''; - }; - - - - }; - - - - }; + } // mkSubdomain cfg.subdomain port; } diff --git a/modules/hydra/default.nix b/modules/hydra/default.nix index 807fe96..f7fffbd 100644 --- a/modules/hydra/default.nix +++ b/modules/hydra/default.nix @@ -29,17 +29,8 @@ in } (mkIf cfg.nginx.enable { - luj.nginx.enable = true; services.hydra.hydraURL = "${cfg.nginx.subdomain}.julienmalka.me"; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - - })]); + } // mkSubdomain cfg.nginx.subdomain port )]); diff --git a/modules/jackett/default.nix b/modules/jackett/default.nix index 097f5e3..e1d2dab 100644 --- a/modules/jackett/default.nix +++ b/modules/jackett/default.nix @@ -37,17 +37,7 @@ in }; } - (mkIf cfg.nginx.enable { - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - - })]); + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port) )]); diff --git a/modules/jellyfin/default.nix b/modules/jellyfin/default.nix index 936e488..b113eb8 100644 --- a/modules/jellyfin/default.nix +++ b/modules/jellyfin/default.nix @@ -37,17 +37,7 @@ in }; } - (mkIf cfg.nginx.enable { - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - - })]); + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port) )]); diff --git a/modules/nginx/default.nix b/modules/nginx/default.nix index 5ff07ac..6a9cd62 100644 --- a/modules/nginx/default.nix +++ b/modules/nginx/default.nix @@ -22,6 +22,7 @@ in { enable = true; recommendedOptimisation = true; recommendedTlsSettings = true; + recommendedProxySettings = true; clientMaxBodySize = "128m"; commonHttpConfig = '' diff --git a/modules/radarr/default.nix b/modules/radarr/default.nix index 529c72c..2900ede 100644 --- a/modules/radarr/default.nix +++ b/modules/radarr/default.nix @@ -38,17 +38,10 @@ in }; } - (mkIf cfg.nginx.enable { - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port)) + + ]); - })]); diff --git a/modules/sonarr/default.nix b/modules/sonarr/default.nix index 0f29313..dd23564 100644 --- a/modules/sonarr/default.nix +++ b/modules/sonarr/default.nix @@ -38,17 +38,7 @@ in }; } - (mkIf cfg.nginx.enable { - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - - })]); + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port) )]); diff --git a/modules/transmission/default.nix b/modules/transmission/default.nix index a41b96d..e98000d 100644 --- a/modules/transmission/default.nix +++ b/modules/transmission/default.nix @@ -52,17 +52,7 @@ in }; } - (mkIf cfg.nginx.enable { - luj.nginx.enable = true; - services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:${toString port}"; - }; - }; - - })]); + (mkIf cfg.nginx.enable (mkSubdomain cfg.nginx.subdomain port) )]);