nginx: simplify nix functions
This commit is contained in:
parent
ec1f659ce4
commit
3c6677354a
|
|
@ -41,32 +41,6 @@ let
|
||||||
return 302 https://login.nyanlout.re/login?go=$scheme://$http_host$request_uri;
|
return 302 https://login.nyanlout.re/login?go=$scheme://$http_host$request_uri;
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
nginxSimpleReverse = rport: {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:${toString(rport)}/";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
nginxAuthReverse = rport: {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
include ${nginxSsoAuth};
|
|
||||||
'';
|
|
||||||
|
|
||||||
locations."/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:${toString(rport)}/";
|
|
||||||
extraConfig = ''
|
|
||||||
auth_request_set $cookie $upstream_http_set_cookie;
|
|
||||||
add_header Set-Cookie $cookie;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
security.acme = {
|
security.acme = {
|
||||||
|
|
@ -134,7 +108,31 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
virtualHosts = {
|
virtualHosts = let
|
||||||
|
base = locations: {
|
||||||
|
inherit locations;
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
};
|
||||||
|
simpleReverse = rport: base {
|
||||||
|
"/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:${toString(rport)}/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
authReverse = rport: base {
|
||||||
|
"/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:${toString(rport)}/";
|
||||||
|
extraConfig = ''
|
||||||
|
auth_request_set $cookie $upstream_http_set_cookie;
|
||||||
|
add_header Set-Cookie $cookie;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
} // {
|
||||||
|
extraConfig = ''
|
||||||
|
include ${nginxSsoAuth};
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in {
|
||||||
"nyanlout.re" = {
|
"nyanlout.re" = {
|
||||||
default = true;
|
default = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
|
|
@ -239,18 +237,18 @@ in
|
||||||
proxyPass = "http://127.0.0.1:${toString(config.services.nginx.sso.configuration.listen.port)}/";
|
proxyPass = "http://127.0.0.1:${toString(config.services.nginx.sso.configuration.listen.port)}/";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"grafana.nyanlout.re" = nginxAuthReverse config.services.grafana.port;
|
"grafana.nyanlout.re" = authReverse config.services.grafana.port;
|
||||||
"transmission.nyanlout.re" = nginxAuthReverse config.services.transmission.port;
|
"transmission.nyanlout.re" = authReverse config.services.transmission.port;
|
||||||
"radarr.nyanlout.re" = nginxAuthReverse 7878;
|
"radarr.nyanlout.re" = authReverse 7878;
|
||||||
"sonarr.nyanlout.re" = nginxAuthReverse 8989;
|
"sonarr.nyanlout.re" = authReverse 8989;
|
||||||
"syncthing.nyanlout.re" = nginxAuthReverse 8384;
|
"syncthing.nyanlout.re" = authReverse 8384;
|
||||||
"jackett.nyanlout.re" = nginxAuthReverse 9117;
|
"jackett.nyanlout.re" = authReverse 9117;
|
||||||
"pgmanage.nyanlout.re" = nginxAuthReverse config.services.pgmanage.port;
|
"pgmanage.nyanlout.re" = authReverse config.services.pgmanage.port;
|
||||||
"matrix.nyanlout.re" = nginxSimpleReverse 8008;
|
"matrix.nyanlout.re" = simpleReverse 8008;
|
||||||
"airsonic.nyanlout.re" = nginxSimpleReverse 4040;
|
"airsonic.nyanlout.re" = simpleReverse 4040;
|
||||||
"emby.nyanlout.re" = nginxSimpleReverse 8096;
|
"emby.nyanlout.re" = simpleReverse 8096;
|
||||||
"ci.nyanlout.re" = nginxSimpleReverse 52350;
|
"ci.nyanlout.re" = simpleReverse 52350;
|
||||||
"gitea.nyanlout.re" = nginxSimpleReverse config.services.gitea.httpPort;
|
"gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort;
|
||||||
};
|
};
|
||||||
appendConfig = ''
|
appendConfig = ''
|
||||||
rtmp {
|
rtmp {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue