From 69c58eb73e4a31b794eaca00dd584c257f20be0b Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Thu, 17 May 2018 15:43:35 +0200 Subject: [PATCH] =?UTF-8?q?Configuration=20des=20domaines=20g=C3=A9n=C3=A9?= =?UTF-8?q?rique?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- services.nix | 30 ++++++++++++++++-------------- services/haproxy-acme.nix | 6 +++--- services/site-max.nix | 8 +++++++- services/site-musique.nix | 8 +++++++- 4 files changed, 33 insertions(+), 19 deletions(-) diff --git a/services.nix b/services.nix index f46bb38..73cc689 100644 --- a/services.nix +++ b/services.nix @@ -24,20 +24,20 @@ in services.haproxy-acme.enable = true; services.haproxy-acme.domaine = domaine; services.haproxy-acme.services = { - grafana = { ip = "127.0.0.1"; port = 3000; auth = false; }; - emby = { ip = "127.0.0.1"; port = 8096; auth = false; }; - radarr = { ip = "127.0.0.1"; port = 7878; auth = false; }; - sonarr = { ip = "127.0.0.1"; port = 8989; auth = false; }; - lidarr = { ip = "127.0.0.1"; port = 8686; auth = false; }; - transmission = { ip = "127.0.0.1"; port = 9091; auth = true; }; - syncthing = { ip = "127.0.0.1"; port = 8384; auth = true; }; - jackett = { ip = "127.0.0.1"; port = 9117; auth = true; }; - searx = { ip = "127.0.0.1"; port = 8888; auth = false; }; - riot = { ip = "127.0.0.1"; port = riot_port; auth = false; }; - matrix = { ip = "127.0.0.1"; port = 8008; auth = false; }; - organizr = { ip = "127.0.0.1"; port = organizr_port; auth = true; }; - calibre = { ip = "127.0.0.1"; port = 8080; auth = false; }; - pgmanage = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; + "grafana.${domaine}" = { ip = "127.0.0.1"; port = 3000; auth = false; }; + "emby.${domaine}" = { ip = "127.0.0.1"; port = 8096; auth = false; }; + "radarr.${domaine}" = { ip = "127.0.0.1"; port = 7878; auth = false; }; + "sonarr.${domaine}" = { ip = "127.0.0.1"; port = 8989; auth = false; }; + "lidarr.${domaine}" = { ip = "127.0.0.1"; port = 8686; auth = false; }; + "transmission.${domaine}" = { ip = "127.0.0.1"; port = 9091; auth = true; }; + "syncthing.${domaine}" = { ip = "127.0.0.1"; port = 8384; auth = true; }; + "jackett.${domaine}" = { ip = "127.0.0.1"; port = 9117; auth = true; }; + "searx.${domaine}" = { ip = "127.0.0.1"; port = 8888; auth = false; }; + "riot.${domaine}" = { ip = "127.0.0.1"; port = riot_port; auth = false; }; + "matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; }; + "organizr.${domaine}" = { ip = "127.0.0.1"; port = organizr_port; auth = true; }; + "calibre.${domaine}" = { ip = "127.0.0.1"; port = 8080; auth = false; }; + "pgmanage.${domaine}" = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; }; services.mailserver.enable = true; @@ -205,9 +205,11 @@ in services.site-musique.enable = true; services.site-musique.port = musique_port; + services.site-musique.domaine = "musique.${domaine}"; services.site-max.enable = true; services.site-max.port = max_port; + services.site-max.domaine = "max.${domaine}"; networking.firewall.allowedTCPPorts = [ 111 2049 4000 4001 4002 # NFS diff --git a/services/haproxy-acme.nix b/services/haproxy-acme.nix index 7ea4c6e..600bf2f 100644 --- a/services/haproxy-acme.nix +++ b/services/haproxy-acme.nix @@ -71,7 +71,7 @@ in ${concatStrings ( mapAttrsToList (name: value: - " acl ${name}-acl hdr(host) -i ${name}.${cfg.domaine}\n" + " acl ${name}-acl hdr(host) -i ${name}\n" + " use_backend ${name}-backend if ${name}-acl\n" ) cfg.services)} @@ -111,9 +111,9 @@ in security.acme.certs = { ${cfg.domaine} = { extraDomains = mapAttrs' (name: value: - nameValuePair ("${name}.${cfg.domaine}") (null) + nameValuePair ("${name}") (null) ) cfg.services; - webroot = "/var/www/challenges/"; + webroot = "/var/www/challenges"; email = "paul@nyanlout.re"; user = "haproxy"; group = "haproxy"; diff --git a/services/site-max.nix b/services/site-max.nix index cf7b4c3..8983501 100644 --- a/services/site-max.nix +++ b/services/site-max.nix @@ -14,12 +14,18 @@ in example = 54321; description = "Local listening port"; }; + + domaine = mkOption { + type = types.str; + example = "example.com"; + description = "Domaine à utiliser"; + }; }; config = mkIf cfg.enable { services.haproxy-acme.services = { - max = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; + ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; }; services.nginx.virtualHosts = { diff --git a/services/site-musique.nix b/services/site-musique.nix index b7c508b..8e6e31a 100644 --- a/services/site-musique.nix +++ b/services/site-musique.nix @@ -14,12 +14,18 @@ in example = 54321; description = "Local listening port"; }; + + domaine = mkOption { + type = types.str; + example = "example.com"; + description = "Domaine à utiliser"; + }; }; config = mkIf cfg.enable { services.haproxy-acme.services = { - musique = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; + ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; }; services.nginx.virtualHosts = {