nixos: services: nginx: use attrset for vhosts

Attribute sets compose better than lists, it was a mistake to use a list
in the first place...
This commit is contained in:
Bruno BELANYI 2023-12-25 19:25:08 +01:00
parent 26950332c7
commit faa87743e5
22 changed files with 118 additions and 118 deletions

View file

@ -9,7 +9,7 @@ let
root = "/var/www/${subdomain}"; root = "/var/www/${subdomain}";
}; };
hostsInfo = map makeHostInfo [ "cv" "dev" "key" ]; hostsInfo = lib.flip lib.genAttrs makeHostInfo [ "cv" "dev" "key" ];
in in
{ {
options.my.services.blog = { options.my.services.blog = {

View file

@ -40,12 +40,12 @@ in
# Set-up media group # Set-up media group
users.groups.media = { }; users.groups.media = { };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ library = {
subdomain = "library"; subdomain = "library";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
my.services.backup = { my.services.backup = {
paths = [ paths = [

View file

@ -45,11 +45,11 @@ in
}]; }];
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ drone = {
subdomain = "drone"; subdomain = "drone";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -40,11 +40,11 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ flood = {
subdomain = "flood"; subdomain = "flood";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -116,18 +116,18 @@ in
}; };
users.groups.git = { }; users.groups.git = { };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
# Proxy to Gitea # Proxy to Gitea
{ git = {
subdomain = "git"; subdomain = "git";
inherit (cfg) port; inherit (cfg) port;
} };
# Redirect `gitea.` to actual forge subdomain # Redirect `gitea.` to actual forge subdomain
{ gitea = {
subdomain = "gitea"; subdomain = "gitea";
redirect = config.services.gitea.settings.server.ROOT_URL; redirect = config.services.gitea.settings.server.ROOT_URL;
} };
]; };
my.services.backup = { my.services.backup = {
paths = [ paths = [

View file

@ -28,12 +28,12 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ jackett = {
subdomain = "jackett"; subdomain = "jackett";
port = jackettPort; port = jackettPort;
} };
]; };
}) })
(lib.mkIf cfg.nzbhydra.enable { (lib.mkIf cfg.nzbhydra.enable {
@ -41,12 +41,12 @@ in
enable = true; enable = true;
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ nzbhydra = {
subdomain = "nzbhydra"; subdomain = "nzbhydra";
port = nzbhydraPort; port = nzbhydraPort;
} };
]; };
}) })
(lib.mkIf cfg.prowlarr.enable { (lib.mkIf cfg.prowlarr.enable {
@ -54,12 +54,12 @@ in
enable = true; enable = true;
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ prowlarr = {
subdomain = "prowlarr"; subdomain = "prowlarr";
port = prowlarrPort; port = prowlarrPort;
} };
]; };
services.fail2ban.jails = { services.fail2ban.jails = {
prowlarr = '' prowlarr = ''

View file

@ -17,8 +17,8 @@ in
# Set-up media group # Set-up media group
users.groups.media = { }; users.groups.media = { };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ jellyfin = {
subdomain = "jellyfin"; subdomain = "jellyfin";
port = 8096; port = 8096;
extraConfig = { extraConfig = {
@ -33,7 +33,7 @@ in
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
} };
]; };
}; };
} }

View file

@ -98,11 +98,11 @@ in
}; };
users.groups.lohr = { }; users.groups.lohr = { };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ lohr = {
subdomain = "lohr"; subdomain = "lohr";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -117,9 +117,9 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
# Element Web app deployment # Element Web app deployment
{ chat = {
subdomain = "chat"; subdomain = "chat";
root = pkgs.element-web.override { root = pkgs.element-web.override {
conf = { conf = {
@ -145,22 +145,22 @@ in
}; };
}; };
}; };
} };
# Dummy VHosts for port collision detection # Dummy VHosts for port collision detection
{ matrix-federation = {
subdomain = "matrix-federation"; subdomain = "matrix-federation";
port = federationPort.private; port = federationPort.private;
} };
{ matrix-client = {
subdomain = "matrix-client"; subdomain = "matrix-client";
port = clientPort.private; port = clientPort.private;
} };
# Sliding sync # Sliding sync
{ matrix-sync = {
subdomain = "matrix-sync"; subdomain = "matrix-sync";
inherit (cfg.slidingSync) port; inherit (cfg.slidingSync) port;
} };
]; };
# Those are too complicated to use my wrapper... # Those are too complicated to use my wrapper...
services.nginx.virtualHosts = { services.nginx.virtualHosts = {

View file

@ -43,11 +43,11 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ reader = {
subdomain = "reader"; subdomain = "reader";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -125,11 +125,11 @@ in
]; ];
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ monitoring = {
subdomain = "monitoring"; subdomain = "monitoring";
inherit (cfg.grafana) port; inherit (cfg.grafana) port;
} };
]; };
}; };
} }

View file

@ -47,11 +47,11 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ music = {
subdomain = "music"; subdomain = "music";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -97,19 +97,19 @@ in
}; };
virtualHosts = mkOption { virtualHosts = mkOption {
type = types.listOf virtualHostOption; type = types.attrsOf virtualHostOption;
default = [ ]; default = { };
example = litteralExample '' example = litteralExample ''
[
{ {
subdomain = "gitea"; gitea = {
subdomain = "git";
port = 8080; port = 8080;
} };
{ dev = {
subdomain = "dev"; subdomain = "dev";
root = "/var/www/dev"; root = "/var/www/dev";
} };
{ jellyfin = {
subdomain = "jellyfin"; subdomain = "jellyfin";
port = 8096; port = 8096;
extraConfig = { extraConfig = {
@ -118,8 +118,8 @@ in
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
};
} }
]
''; '';
description = '' description = ''
List of virtual hosts to set-up using default settings. List of virtual hosts to set-up using default settings.
@ -190,7 +190,7 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [ ] assertions = [ ]
++ (lib.flip builtins.map cfg.virtualHosts ({ subdomain, ... } @ args: ++ (lib.flip lib.mapAttrsToList cfg.virtualHosts (_: { subdomain, ... } @ args:
let let
conflicts = [ "port" "root" "socket" "redirect" ]; conflicts = [ "port" "root" "socket" "redirect" ];
optionsNotNull = builtins.map (v: args.${v} != null) conflicts; optionsNotNull = builtins.map (v: args.${v} != null) conflicts;
@ -209,7 +209,7 @@ in
ports = lib.my.mapFilter ports = lib.my.mapFilter
(v: v != null) (v: v != null)
({ port, ... }: port) ({ port, ... }: port)
cfg.virtualHosts; (lib.attrValues cfg.virtualHosts);
portCounts = lib.my.countValues ports; portCounts = lib.my.countValues ports;
nonUniquesCounts = lib.filterAttrs (_: v: v != 1) portCounts; nonUniquesCounts = lib.filterAttrs (_: v: v != 1) portCounts;
nonUniques = builtins.attrNames nonUniquesCounts; nonUniques = builtins.attrNames nonUniquesCounts;
@ -221,7 +221,7 @@ in
map mkAssertion nonUniques map mkAssertion nonUniques
) ++ ( ) ++ (
let let
subs = map ({ subdomain, ... }: subdomain) cfg.virtualHosts; subs = lib.mapAttrsToList (_: { subdomain, ... }: subdomain) cfg.virtualHosts;
subsCounts = lib.my.countValues subs; subsCounts = lib.my.countValues subs;
nonUniquesCounts = lib.filterAttrs (_: v: v != 1) subsCounts; nonUniquesCounts = lib.filterAttrs (_: v: v != 1) subsCounts;
nonUniques = builtins.attrNames nonUniquesCounts; nonUniques = builtins.attrNames nonUniquesCounts;
@ -325,7 +325,7 @@ in
]) ])
); );
in in
lib.my.genAttrs' cfg.virtualHosts mkVHost; lib.my.genAttrs' (lib.attrValues cfg.virtualHosts) mkVHost;
sso = { sso = {
enable = true; enable = true;
@ -403,12 +403,12 @@ in
}; };
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ login = {
subdomain = "login"; subdomain = "login";
inherit (cfg.sso) port; inherit (cfg.sso) port;
} };
]; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];

View file

@ -43,11 +43,11 @@ in
signKeyPath = cfg.secretKeyFile; signKeyPath = cfg.secretKeyFile;
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ cache = {
subdomain = "cache"; subdomain = "cache";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -143,8 +143,8 @@ in
extraGroups = [ "media" ]; extraGroups = [ "media" ];
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ paperless = {
subdomain = "paperless"; subdomain = "paperless";
inherit (cfg) port; inherit (cfg) port;
sso = { sso = {
@ -155,8 +155,8 @@ in
extraConfig = { extraConfig = {
locations."/".proxyWebsockets = true; locations."/".proxyWebsockets = true;
}; };
} };
]; };
my.services.backup = { my.services.backup = {
paths = [ paths = [

View file

@ -21,12 +21,12 @@ let
}; };
mkRedirection = service: { mkRedirection = service: {
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ ${service} = {
subdomain = service; subdomain = service;
port = ports.${service}; port = ports.${service};
} };
]; };
}; };
mkFail2Ban = service: lib.mkIf cfg.${service}.enable { mkFail2Ban = service: lib.mkIf cfg.${service}.enable {

View file

@ -31,11 +31,11 @@ in
inherit (cfg) passwordFile port; inherit (cfg) passwordFile port;
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ podgrab = {
subdomain = "podgrab"; subdomain = "podgrab";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -18,12 +18,12 @@ in
# Set-up media group # Set-up media group
users.groups.media = { }; users.groups.media = { };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ sabnzbd = {
subdomain = "sabnzbd"; subdomain = "sabnzbd";
inherit port; inherit port;
} };
]; };
services.fail2ban.jails = { services.fail2ban.jails = {
sabnzbd = '' sabnzbd = ''

View file

@ -70,11 +70,11 @@ in
]; ];
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ recipes = {
subdomain = "recipes"; subdomain = "recipes";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
}; };
} }

View file

@ -80,12 +80,12 @@ in
# Default transmission webui, I prefer combustion but its development # Default transmission webui, I prefer combustion but its development
# seems to have stalled # seems to have stalled
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ transmission = {
subdomain = "transmission"; subdomain = "transmission";
inherit (cfg) port; inherit (cfg) port;
} };
]; };
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ cfg.peerPort ]; allowedTCPPorts = [ cfg.peerPort ];

View file

@ -59,8 +59,8 @@ in
}; };
# This is a weird setup # This is a weird setup
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ vikunja = {
inherit subdomain; inherit subdomain;
# Serve the root for the web-ui # Serve the root for the web-ui
root = config.services.vikunja.package-frontend; root = config.services.vikunja.package-frontend;
@ -80,8 +80,8 @@ in
}; };
}; };
}; };
} };
]; };
systemd.services.vikunja-api = { systemd.services.vikunja-api = {
serviceConfig = { serviceConfig = {

View file

@ -52,16 +52,16 @@ in
}]; }];
}; };
my.services.nginx.virtualHosts = [ my.services.nginx.virtualHosts = {
{ woodpecker = {
subdomain = "woodpecker"; subdomain = "woodpecker";
inherit (cfg) port; inherit (cfg) port;
} };
# I might want to be able to RPC from other hosts in the future # I might want to be able to RPC from other hosts in the future
{ woodpecker-rpc = {
subdomain = "woodpecker-rpc"; subdomain = "woodpecker-rpc";
port = cfg.rpcPort; port = cfg.rpcPort;
} };
]; };
}; };
} }