nixos: services: nginx: use attrset for vhosts

Attribute sets compose better than lists, it was a mistake to use a list
in the first place...
This commit is contained in:
Bruno BELANYI 2023-12-25 19:25:08 +01:00
parent 26950332c7
commit faa87743e5
22 changed files with 118 additions and 118 deletions

View file

@ -9,7 +9,7 @@ let
root = "/var/www/${subdomain}";
};
hostsInfo = map makeHostInfo [ "cv" "dev" "key" ];
hostsInfo = lib.flip lib.genAttrs makeHostInfo [ "cv" "dev" "key" ];
in
{
options.my.services.blog = {

View file

@ -40,12 +40,12 @@ in
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
library = {
subdomain = "library";
inherit (cfg) port;
}
];
};
};
my.services.backup = {
paths = [

View file

@ -45,11 +45,11 @@ in
}];
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
drone = {
subdomain = "drone";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -40,11 +40,11 @@ in
};
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
flood = {
subdomain = "flood";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -116,18 +116,18 @@ in
};
users.groups.git = { };
my.services.nginx.virtualHosts = [
my.services.nginx.virtualHosts = {
# Proxy to Gitea
{
git = {
subdomain = "git";
inherit (cfg) port;
}
};
# Redirect `gitea.` to actual forge subdomain
{
gitea = {
subdomain = "gitea";
redirect = config.services.gitea.settings.server.ROOT_URL;
}
];
};
};
my.services.backup = {
paths = [

View file

@ -28,12 +28,12 @@ in
};
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
jackett = {
subdomain = "jackett";
port = jackettPort;
}
];
};
};
})
(lib.mkIf cfg.nzbhydra.enable {
@ -41,12 +41,12 @@ in
enable = true;
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
nzbhydra = {
subdomain = "nzbhydra";
port = nzbhydraPort;
}
];
};
};
})
(lib.mkIf cfg.prowlarr.enable {
@ -54,12 +54,12 @@ in
enable = true;
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
prowlarr = {
subdomain = "prowlarr";
port = prowlarrPort;
}
];
};
};
services.fail2ban.jails = {
prowlarr = ''

View file

@ -17,8 +17,8 @@ in
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
jellyfin = {
subdomain = "jellyfin";
port = 8096;
extraConfig = {
@ -33,7 +33,7 @@ in
proxyWebsockets = true;
};
};
}
];
};
};
};
}

View file

@ -98,11 +98,11 @@ in
};
users.groups.lohr = { };
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
lohr = {
subdomain = "lohr";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -117,9 +117,9 @@ in
};
};
my.services.nginx.virtualHosts = [
my.services.nginx.virtualHosts = {
# Element Web app deployment
{
chat = {
subdomain = "chat";
root = pkgs.element-web.override {
conf = {
@ -145,22 +145,22 @@ in
};
};
};
}
};
# Dummy VHosts for port collision detection
{
matrix-federation = {
subdomain = "matrix-federation";
port = federationPort.private;
}
{
};
matrix-client = {
subdomain = "matrix-client";
port = clientPort.private;
}
};
# Sliding sync
{
matrix-sync = {
subdomain = "matrix-sync";
inherit (cfg.slidingSync) port;
}
];
};
};
# Those are too complicated to use my wrapper...
services.nginx.virtualHosts = {

View file

@ -43,11 +43,11 @@ in
};
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
reader = {
subdomain = "reader";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -125,11 +125,11 @@ in
];
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
monitoring = {
subdomain = "monitoring";
inherit (cfg.grafana) port;
}
];
};
};
};
}

View file

@ -47,11 +47,11 @@ in
};
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
music = {
subdomain = "music";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -97,19 +97,19 @@ in
};
virtualHosts = mkOption {
type = types.listOf virtualHostOption;
default = [ ];
type = types.attrsOf virtualHostOption;
default = { };
example = litteralExample ''
[
{
subdomain = "gitea";
gitea = {
subdomain = "git";
port = 8080;
}
{
};
dev = {
subdomain = "dev";
root = "/var/www/dev";
}
{
};
jellyfin = {
subdomain = "jellyfin";
port = 8096;
extraConfig = {
@ -118,8 +118,8 @@ in
proxyWebsockets = true;
};
};
};
}
]
'';
description = ''
List of virtual hosts to set-up using default settings.
@ -190,7 +190,7 @@ in
config = lib.mkIf cfg.enable {
assertions = [ ]
++ (lib.flip builtins.map cfg.virtualHosts ({ subdomain, ... } @ args:
++ (lib.flip lib.mapAttrsToList cfg.virtualHosts (_: { subdomain, ... } @ args:
let
conflicts = [ "port" "root" "socket" "redirect" ];
optionsNotNull = builtins.map (v: args.${v} != null) conflicts;
@ -209,7 +209,7 @@ in
ports = lib.my.mapFilter
(v: v != null)
({ port, ... }: port)
cfg.virtualHosts;
(lib.attrValues cfg.virtualHosts);
portCounts = lib.my.countValues ports;
nonUniquesCounts = lib.filterAttrs (_: v: v != 1) portCounts;
nonUniques = builtins.attrNames nonUniquesCounts;
@ -221,7 +221,7 @@ in
map mkAssertion nonUniques
) ++ (
let
subs = map ({ subdomain, ... }: subdomain) cfg.virtualHosts;
subs = lib.mapAttrsToList (_: { subdomain, ... }: subdomain) cfg.virtualHosts;
subsCounts = lib.my.countValues subs;
nonUniquesCounts = lib.filterAttrs (_: v: v != 1) subsCounts;
nonUniques = builtins.attrNames nonUniquesCounts;
@ -325,7 +325,7 @@ in
])
);
in
lib.my.genAttrs' cfg.virtualHosts mkVHost;
lib.my.genAttrs' (lib.attrValues cfg.virtualHosts) mkVHost;
sso = {
enable = true;
@ -403,12 +403,12 @@ in
};
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
login = {
subdomain = "login";
inherit (cfg.sso) port;
}
];
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];

View file

@ -43,11 +43,11 @@ in
signKeyPath = cfg.secretKeyFile;
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
cache = {
subdomain = "cache";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -143,8 +143,8 @@ in
extraGroups = [ "media" ];
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
paperless = {
subdomain = "paperless";
inherit (cfg) port;
sso = {
@ -155,8 +155,8 @@ in
extraConfig = {
locations."/".proxyWebsockets = true;
};
}
];
};
};
my.services.backup = {
paths = [

View file

@ -21,12 +21,12 @@ let
};
mkRedirection = service: {
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
${service} = {
subdomain = service;
port = ports.${service};
}
];
};
};
};
mkFail2Ban = service: lib.mkIf cfg.${service}.enable {

View file

@ -31,11 +31,11 @@ in
inherit (cfg) passwordFile port;
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
podgrab = {
subdomain = "podgrab";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -18,12 +18,12 @@ in
# Set-up media group
users.groups.media = { };
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
sabnzbd = {
subdomain = "sabnzbd";
inherit port;
}
];
};
};
services.fail2ban.jails = {
sabnzbd = ''

View file

@ -70,11 +70,11 @@ in
];
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
recipes = {
subdomain = "recipes";
inherit (cfg) port;
}
];
};
};
};
}

View file

@ -80,12 +80,12 @@ in
# Default transmission webui, I prefer combustion but its development
# seems to have stalled
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
transmission = {
subdomain = "transmission";
inherit (cfg) port;
}
];
};
};
networking.firewall = {
allowedTCPPorts = [ cfg.peerPort ];

View file

@ -59,8 +59,8 @@ in
};
# This is a weird setup
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
vikunja = {
inherit subdomain;
# Serve the root for the web-ui
root = config.services.vikunja.package-frontend;
@ -80,8 +80,8 @@ in
};
};
};
}
];
};
};
systemd.services.vikunja-api = {
serviceConfig = {

View file

@ -52,16 +52,16 @@ in
}];
};
my.services.nginx.virtualHosts = [
{
my.services.nginx.virtualHosts = {
woodpecker = {
subdomain = "woodpecker";
inherit (cfg) port;
}
};
# I might want to be able to RPC from other hosts in the future
{
woodpecker-rpc = {
subdomain = "woodpecker-rpc";
port = cfg.rpcPort;
}
];
};
};
};
}