From faa87743e5f54be48874282aa4d244a1482e6e72 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 25 Dec 2023 19:25:08 +0100 Subject: [PATCH] nixos: services: nginx: use attrset for vhosts Attribute sets compose better than lists, it was a mistake to use a list in the first place... --- modules/nixos/services/blog/default.nix | 2 +- .../nixos/services/calibre-web/default.nix | 8 ++-- .../nixos/services/drone/server/default.nix | 8 ++-- modules/nixos/services/flood/default.nix | 8 ++-- modules/nixos/services/gitea/default.nix | 12 +++--- modules/nixos/services/indexers/default.nix | 24 ++++++------ modules/nixos/services/jellyfin/default.nix | 8 ++-- modules/nixos/services/lohr/default.nix | 8 ++-- modules/nixos/services/matrix/default.nix | 20 +++++----- modules/nixos/services/miniflux/default.nix | 8 ++-- modules/nixos/services/monitoring/default.nix | 8 ++-- modules/nixos/services/navidrome/default.nix | 8 ++-- modules/nixos/services/nginx/default.nix | 38 +++++++++---------- modules/nixos/services/nix-cache/default.nix | 8 ++-- modules/nixos/services/paperless/default.nix | 8 ++-- modules/nixos/services/pirate/default.nix | 8 ++-- modules/nixos/services/podgrab/default.nix | 8 ++-- modules/nixos/services/sabnzbd/default.nix | 8 ++-- .../services/tandoor-recipes/default.nix | 8 ++-- .../nixos/services/transmission/default.nix | 8 ++-- modules/nixos/services/vikunja/default.nix | 8 ++-- .../services/woodpecker/server/default.nix | 12 +++--- 22 files changed, 118 insertions(+), 118 deletions(-) diff --git a/modules/nixos/services/blog/default.nix b/modules/nixos/services/blog/default.nix index 4b646c3..38ada5e 100644 --- a/modules/nixos/services/blog/default.nix +++ b/modules/nixos/services/blog/default.nix @@ -9,7 +9,7 @@ let root = "/var/www/${subdomain}"; }; - hostsInfo = map makeHostInfo [ "cv" "dev" "key" ]; + hostsInfo = lib.flip lib.genAttrs makeHostInfo [ "cv" "dev" "key" ]; in { options.my.services.blog = { diff --git a/modules/nixos/services/calibre-web/default.nix b/modules/nixos/services/calibre-web/default.nix index 858851c..fe53b7e 100644 --- a/modules/nixos/services/calibre-web/default.nix +++ b/modules/nixos/services/calibre-web/default.nix @@ -40,12 +40,12 @@ in # Set-up media group users.groups.media = { }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + library = { subdomain = "library"; inherit (cfg) port; - } - ]; + }; + }; my.services.backup = { paths = [ diff --git a/modules/nixos/services/drone/server/default.nix b/modules/nixos/services/drone/server/default.nix index d651f85..2207765 100644 --- a/modules/nixos/services/drone/server/default.nix +++ b/modules/nixos/services/drone/server/default.nix @@ -45,11 +45,11 @@ in }]; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + drone = { subdomain = "drone"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/flood/default.nix b/modules/nixos/services/flood/default.nix index ff5d941..e227dde 100644 --- a/modules/nixos/services/flood/default.nix +++ b/modules/nixos/services/flood/default.nix @@ -40,11 +40,11 @@ in }; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + flood = { subdomain = "flood"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/gitea/default.nix b/modules/nixos/services/gitea/default.nix index 00ba941..4d5429e 100644 --- a/modules/nixos/services/gitea/default.nix +++ b/modules/nixos/services/gitea/default.nix @@ -116,18 +116,18 @@ in }; users.groups.git = { }; - my.services.nginx.virtualHosts = [ + my.services.nginx.virtualHosts = { # Proxy to Gitea - { + git = { subdomain = "git"; inherit (cfg) port; - } + }; # Redirect `gitea.` to actual forge subdomain - { + gitea = { subdomain = "gitea"; redirect = config.services.gitea.settings.server.ROOT_URL; - } - ]; + }; + }; my.services.backup = { paths = [ diff --git a/modules/nixos/services/indexers/default.nix b/modules/nixos/services/indexers/default.nix index fb06a0b..ff2d91c 100644 --- a/modules/nixos/services/indexers/default.nix +++ b/modules/nixos/services/indexers/default.nix @@ -28,12 +28,12 @@ in }; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + jackett = { subdomain = "jackett"; port = jackettPort; - } - ]; + }; + }; }) (lib.mkIf cfg.nzbhydra.enable { @@ -41,12 +41,12 @@ in enable = true; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + nzbhydra = { subdomain = "nzbhydra"; port = nzbhydraPort; - } - ]; + }; + }; }) (lib.mkIf cfg.prowlarr.enable { @@ -54,12 +54,12 @@ in enable = true; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + prowlarr = { subdomain = "prowlarr"; port = prowlarrPort; - } - ]; + }; + }; services.fail2ban.jails = { prowlarr = '' diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 2fcf51e..326dab3 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -17,8 +17,8 @@ in # Set-up media group users.groups.media = { }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + jellyfin = { subdomain = "jellyfin"; port = 8096; extraConfig = { @@ -33,7 +33,7 @@ in proxyWebsockets = true; }; }; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/lohr/default.nix b/modules/nixos/services/lohr/default.nix index 245567c..af292cc 100644 --- a/modules/nixos/services/lohr/default.nix +++ b/modules/nixos/services/lohr/default.nix @@ -98,11 +98,11 @@ in }; users.groups.lohr = { }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + lohr = { subdomain = "lohr"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/matrix/default.nix b/modules/nixos/services/matrix/default.nix index 52b60c5..3328747 100644 --- a/modules/nixos/services/matrix/default.nix +++ b/modules/nixos/services/matrix/default.nix @@ -117,9 +117,9 @@ in }; }; - my.services.nginx.virtualHosts = [ + my.services.nginx.virtualHosts = { # Element Web app deployment - { + chat = { subdomain = "chat"; root = pkgs.element-web.override { conf = { @@ -145,22 +145,22 @@ in }; }; }; - } + }; # Dummy VHosts for port collision detection - { + matrix-federation = { subdomain = "matrix-federation"; port = federationPort.private; - } - { + }; + matrix-client = { subdomain = "matrix-client"; port = clientPort.private; - } + }; # Sliding sync - { + matrix-sync = { subdomain = "matrix-sync"; inherit (cfg.slidingSync) port; - } - ]; + }; + }; # Those are too complicated to use my wrapper... services.nginx.virtualHosts = { diff --git a/modules/nixos/services/miniflux/default.nix b/modules/nixos/services/miniflux/default.nix index 6d9ffc8..07eb6f8 100644 --- a/modules/nixos/services/miniflux/default.nix +++ b/modules/nixos/services/miniflux/default.nix @@ -43,11 +43,11 @@ in }; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + reader = { subdomain = "reader"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/monitoring/default.nix b/modules/nixos/services/monitoring/default.nix index 829bfe0..2f23ff0 100644 --- a/modules/nixos/services/monitoring/default.nix +++ b/modules/nixos/services/monitoring/default.nix @@ -125,11 +125,11 @@ in ]; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + monitoring = { subdomain = "monitoring"; inherit (cfg.grafana) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/navidrome/default.nix b/modules/nixos/services/navidrome/default.nix index 6c001fd..92f9fd2 100644 --- a/modules/nixos/services/navidrome/default.nix +++ b/modules/nixos/services/navidrome/default.nix @@ -47,11 +47,11 @@ in }; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + music = { subdomain = "music"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/nginx/default.nix b/modules/nixos/services/nginx/default.nix index 6ca2e42..53c947b 100644 --- a/modules/nixos/services/nginx/default.nix +++ b/modules/nixos/services/nginx/default.nix @@ -97,19 +97,19 @@ in }; virtualHosts = mkOption { - type = types.listOf virtualHostOption; - default = [ ]; + type = types.attrsOf virtualHostOption; + default = { }; example = litteralExample '' - [ - { - subdomain = "gitea"; + { + gitea = { + subdomain = "git"; port = 8080; - } - { + }; + dev = { subdomain = "dev"; root = "/var/www/dev"; - } - { + }; + jellyfin = { subdomain = "jellyfin"; port = 8096; extraConfig = { @@ -118,8 +118,8 @@ in proxyWebsockets = true; }; }; - } - ] + }; + } ''; description = '' List of virtual hosts to set-up using default settings. @@ -190,7 +190,7 @@ in config = lib.mkIf cfg.enable { assertions = [ ] - ++ (lib.flip builtins.map cfg.virtualHosts ({ subdomain, ... } @ args: + ++ (lib.flip lib.mapAttrsToList cfg.virtualHosts (_: { subdomain, ... } @ args: let conflicts = [ "port" "root" "socket" "redirect" ]; optionsNotNull = builtins.map (v: args.${v} != null) conflicts; @@ -209,7 +209,7 @@ in ports = lib.my.mapFilter (v: v != null) ({ port, ... }: port) - cfg.virtualHosts; + (lib.attrValues cfg.virtualHosts); portCounts = lib.my.countValues ports; nonUniquesCounts = lib.filterAttrs (_: v: v != 1) portCounts; nonUniques = builtins.attrNames nonUniquesCounts; @@ -221,7 +221,7 @@ in map mkAssertion nonUniques ) ++ ( let - subs = map ({ subdomain, ... }: subdomain) cfg.virtualHosts; + subs = lib.mapAttrsToList (_: { subdomain, ... }: subdomain) cfg.virtualHosts; subsCounts = lib.my.countValues subs; nonUniquesCounts = lib.filterAttrs (_: v: v != 1) subsCounts; nonUniques = builtins.attrNames nonUniquesCounts; @@ -325,7 +325,7 @@ in ]) ); in - lib.my.genAttrs' cfg.virtualHosts mkVHost; + lib.my.genAttrs' (lib.attrValues cfg.virtualHosts) mkVHost; sso = { enable = true; @@ -403,12 +403,12 @@ in }; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + login = { subdomain = "login"; inherit (cfg.sso) port; - } - ]; + }; + }; networking.firewall.allowedTCPPorts = [ 80 443 ]; diff --git a/modules/nixos/services/nix-cache/default.nix b/modules/nixos/services/nix-cache/default.nix index b3bdbf3..5517a78 100644 --- a/modules/nixos/services/nix-cache/default.nix +++ b/modules/nixos/services/nix-cache/default.nix @@ -43,11 +43,11 @@ in signKeyPath = cfg.secretKeyFile; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + cache = { subdomain = "cache"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/paperless/default.nix b/modules/nixos/services/paperless/default.nix index 90f6b0c..87a816a 100644 --- a/modules/nixos/services/paperless/default.nix +++ b/modules/nixos/services/paperless/default.nix @@ -143,8 +143,8 @@ in extraGroups = [ "media" ]; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + paperless = { subdomain = "paperless"; inherit (cfg) port; sso = { @@ -155,8 +155,8 @@ in extraConfig = { locations."/".proxyWebsockets = true; }; - } - ]; + }; + }; my.services.backup = { paths = [ diff --git a/modules/nixos/services/pirate/default.nix b/modules/nixos/services/pirate/default.nix index 59f9794..88a2250 100644 --- a/modules/nixos/services/pirate/default.nix +++ b/modules/nixos/services/pirate/default.nix @@ -21,12 +21,12 @@ let }; mkRedirection = service: { - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + ${service} = { subdomain = service; port = ports.${service}; - } - ]; + }; + }; }; mkFail2Ban = service: lib.mkIf cfg.${service}.enable { diff --git a/modules/nixos/services/podgrab/default.nix b/modules/nixos/services/podgrab/default.nix index 9793d60..e59b20d 100644 --- a/modules/nixos/services/podgrab/default.nix +++ b/modules/nixos/services/podgrab/default.nix @@ -31,11 +31,11 @@ in inherit (cfg) passwordFile port; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + podgrab = { subdomain = "podgrab"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/sabnzbd/default.nix b/modules/nixos/services/sabnzbd/default.nix index 7ab145f..42058e7 100644 --- a/modules/nixos/services/sabnzbd/default.nix +++ b/modules/nixos/services/sabnzbd/default.nix @@ -18,12 +18,12 @@ in # Set-up media group users.groups.media = { }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + sabnzbd = { subdomain = "sabnzbd"; inherit port; - } - ]; + }; + }; services.fail2ban.jails = { sabnzbd = '' diff --git a/modules/nixos/services/tandoor-recipes/default.nix b/modules/nixos/services/tandoor-recipes/default.nix index 541e198..353fac3 100644 --- a/modules/nixos/services/tandoor-recipes/default.nix +++ b/modules/nixos/services/tandoor-recipes/default.nix @@ -70,11 +70,11 @@ in ]; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + recipes = { subdomain = "recipes"; inherit (cfg) port; - } - ]; + }; + }; }; } diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix index 28df477..ce7f9e6 100644 --- a/modules/nixos/services/transmission/default.nix +++ b/modules/nixos/services/transmission/default.nix @@ -80,12 +80,12 @@ in # Default transmission webui, I prefer combustion but its development # seems to have stalled - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + transmission = { subdomain = "transmission"; inherit (cfg) port; - } - ]; + }; + }; networking.firewall = { allowedTCPPorts = [ cfg.peerPort ]; diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 8c051b0..425698d 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -59,8 +59,8 @@ in }; # This is a weird setup - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + vikunja = { inherit subdomain; # Serve the root for the web-ui root = config.services.vikunja.package-frontend; @@ -80,8 +80,8 @@ in }; }; }; - } - ]; + }; + }; systemd.services.vikunja-api = { serviceConfig = { diff --git a/modules/nixos/services/woodpecker/server/default.nix b/modules/nixos/services/woodpecker/server/default.nix index cebbc9b..b5ec0d8 100644 --- a/modules/nixos/services/woodpecker/server/default.nix +++ b/modules/nixos/services/woodpecker/server/default.nix @@ -52,16 +52,16 @@ in }]; }; - my.services.nginx.virtualHosts = [ - { + my.services.nginx.virtualHosts = { + woodpecker = { subdomain = "woodpecker"; inherit (cfg) port; - } + }; # I might want to be able to RPC from other hosts in the future - { + woodpecker-rpc = { subdomain = "woodpecker-rpc"; port = cfg.rpcPort; - } - ]; + }; + }; }; }