nyanloutre
/
nixos-config
1
1
Fork 1
Code Issues Pull Requests Releases Wiki Activity

Configuration des domaines générique

This commit is contained in:
nyanloutre 2018-05-17 15:43:35 +02:00
parent bfb50ff90c
commit 69c58eb73e
4 changed files with 33 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
services.nix
View File

@ -24,20 +24,20 @@ in
services.haproxy-acme.enable = true; services.haproxy-acme.enable = true;
services.haproxy-acme.domaine = domaine; services.haproxy-acme.domaine = domaine;
services.haproxy-acme.services = { services.haproxy-acme.services = {
grafana = { ip = "127.0.0.1"; port = 3000; auth = false; }; "grafana.${domaine}" = { ip = "127.0.0.1"; port = 3000; auth = false; };
emby = { ip = "127.0.0.1"; port = 8096; auth = false; }; "emby.${domaine}" = { ip = "127.0.0.1"; port = 8096; auth = false; };
radarr = { ip = "127.0.0.1"; port = 7878; auth = false; }; "radarr.${domaine}" = { ip = "127.0.0.1"; port = 7878; auth = false; };
sonarr = { ip = "127.0.0.1"; port = 8989; auth = false; }; "sonarr.${domaine}" = { ip = "127.0.0.1"; port = 8989; auth = false; };
lidarr = { ip = "127.0.0.1"; port = 8686; auth = false; }; "lidarr.${domaine}" = { ip = "127.0.0.1"; port = 8686; auth = false; };
transmission = { ip = "127.0.0.1"; port = 9091; auth = true; }; "transmission.${domaine}" = { ip = "127.0.0.1"; port = 9091; auth = true; };
syncthing = { ip = "127.0.0.1"; port = 8384; auth = true; }; "syncthing.${domaine}" = { ip = "127.0.0.1"; port = 8384; auth = true; };
jackett = { ip = "127.0.0.1"; port = 9117; auth = true; }; "jackett.${domaine}" = { ip = "127.0.0.1"; port = 9117; auth = true; };
searx = { ip = "127.0.0.1"; port = 8888; auth = false; }; "searx.${domaine}" = { ip = "127.0.0.1"; port = 8888; auth = false; };
riot = { ip = "127.0.0.1"; port = riot_port; auth = false; }; "riot.${domaine}" = { ip = "127.0.0.1"; port = riot_port; auth = false; };
matrix = { ip = "127.0.0.1"; port = 8008; auth = false; }; "matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; };
organizr = { ip = "127.0.0.1"; port = organizr_port; auth = true; }; "organizr.${domaine}" = { ip = "127.0.0.1"; port = organizr_port; auth = true; };
calibre = { ip = "127.0.0.1"; port = 8080; auth = false; }; "calibre.${domaine}" = { ip = "127.0.0.1"; port = 8080; auth = false; };
pgmanage = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; "pgmanage.${domaine}" = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; };
}; };
services.mailserver.enable = true; services.mailserver.enable = true;
@ -205,9 +205,11 @@ in
services.site-musique.enable = true; services.site-musique.enable = true;
services.site-musique.port = musique_port; services.site-musique.port = musique_port;
services.site-musique.domaine = "musique.${domaine}";
services.site-max.enable = true; services.site-max.enable = true;
services.site-max.port = max_port; services.site-max.port = max_port;
services.site-max.domaine = "max.${domaine}";
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [
111 2049 4000 4001 4002 # NFS 111 2049 4000 4001 4002 # NFS

6
services/haproxy-acme.nix
View File

@ -71,7 +71,7 @@ in
${concatStrings ( ${concatStrings (
mapAttrsToList (name: value: mapAttrsToList (name: value:
" acl ${name}-acl hdr(host) -i ${name}.${cfg.domaine}\n" " acl ${name}-acl hdr(host) -i ${name}\n"
+ " use_backend ${name}-backend if ${name}-acl\n" + " use_backend ${name}-backend if ${name}-acl\n"
) cfg.services)} ) cfg.services)}
@ -111,9 +111,9 @@ in
security.acme.certs = { security.acme.certs = {
${cfg.domaine} = { ${cfg.domaine} = {
extraDomains = mapAttrs' (name: value: extraDomains = mapAttrs' (name: value:
nameValuePair ("${name}.${cfg.domaine}") (null) nameValuePair ("${name}") (null)
) cfg.services; ) cfg.services;
webroot = "/var/www/challenges/"; webroot = "/var/www/challenges";
email = "paul@nyanlout.re"; email = "paul@nyanlout.re";
user = "haproxy"; user = "haproxy";
group = "haproxy"; group = "haproxy";

8
services/site-max.nix
View File

@ -14,12 +14,18 @@ in
example = 54321; example = 54321;
description = "Local listening port"; description = "Local listening port";
}; };
domaine = mkOption {
type = types.str;
example = "example.com";
description = "Domaine à utiliser";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.haproxy-acme.services = { services.haproxy-acme.services = {
max = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
}; };
services.nginx.virtualHosts = { services.nginx.virtualHosts = {

8
services/site-musique.nix
View File

@ -14,12 +14,18 @@ in
example = 54321; example = 54321;
description = "Local listening port"; description = "Local listening port";
}; };
domaine = mkOption {
type = types.str;
example = "example.com";
description = "Domaine à utiliser";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.haproxy-acme.services = { services.haproxy-acme.services = {
musique = { ip = "127.0.0.1"; port = cfg.port; auth = false; }; ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
}; };
services.nginx.virtualHosts = { services.nginx.virtualHosts = {