Configuration des domaines générique

2018-05-17 15:43:35 +02:00 · 2018-05-17 15:43:35 +02:00 · 69c58eb73e
parent bfb50ff90c
commit 69c58eb73e
4 changed files with 33 additions and 19 deletions
--- a/services.nix
+++ b/services.nix
@ -24,20 +24,20 @@ in
  services.haproxy-acme.enable = true;
  services.haproxy-acme.domaine = domaine;
  services.haproxy-acme.services = {
-    grafana = { ip = "127.0.0.1"; port = 3000; auth = false; };
-    emby = { ip = "127.0.0.1"; port = 8096; auth = false; };
-    radarr = { ip = "127.0.0.1"; port = 7878; auth = false; };
-    sonarr = { ip = "127.0.0.1"; port = 8989; auth = false; };
-    lidarr = { ip = "127.0.0.1"; port = 8686; auth = false; };
-    transmission = { ip = "127.0.0.1"; port = 9091; auth = true; };
-    syncthing = { ip = "127.0.0.1"; port = 8384; auth = true; };
-    jackett = { ip = "127.0.0.1"; port = 9117; auth = true; };
-    searx = { ip = "127.0.0.1"; port = 8888; auth = false; };
-    riot = { ip = "127.0.0.1"; port = riot_port; auth = false; };
-    matrix = { ip = "127.0.0.1"; port = 8008; auth = false; };
-    organizr = { ip = "127.0.0.1"; port = organizr_port; auth = true; };
-    calibre = { ip = "127.0.0.1"; port = 8080; auth = false; };
-    pgmanage = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; };
+    "grafana.${domaine}" = { ip = "127.0.0.1"; port = 3000; auth = false; };
+    "emby.${domaine}" = { ip = "127.0.0.1"; port = 8096; auth = false; };
+    "radarr.${domaine}" = { ip = "127.0.0.1"; port = 7878; auth = false; };
+    "sonarr.${domaine}" = { ip = "127.0.0.1"; port = 8989; auth = false; };
+    "lidarr.${domaine}" = { ip = "127.0.0.1"; port = 8686; auth = false; };
+    "transmission.${domaine}" = { ip = "127.0.0.1"; port = 9091; auth = true; };
+    "syncthing.${domaine}" = { ip = "127.0.0.1"; port = 8384; auth = true; };
+    "jackett.${domaine}" = { ip = "127.0.0.1"; port = 9117; auth = true; };
+    "searx.${domaine}" = { ip = "127.0.0.1"; port = 8888; auth = false; };
+    "riot.${domaine}" = { ip = "127.0.0.1"; port = riot_port; auth = false; };
+    "matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; };
+    "organizr.${domaine}" = { ip = "127.0.0.1"; port = organizr_port; auth = true; };
+    "calibre.${domaine}" = { ip = "127.0.0.1"; port = 8080; auth = false; };
+    "pgmanage.${domaine}" = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; };
  };

  services.mailserver.enable = true;
@ -205,9 +205,11 @@ in

  services.site-musique.enable = true;
  services.site-musique.port = musique_port;
+  services.site-musique.domaine = "musique.${domaine}";

  services.site-max.enable = true;
  services.site-max.port = max_port;
+  services.site-max.domaine = "max.${domaine}";

  networking.firewall.allowedTCPPorts = [
    111 2049 4000 4001 4002 # NFS
--- a/services/haproxy-acme.nix
+++ b/services/haproxy-acme.nix
@ -71,7 +71,7 @@ in

      ${concatStrings (
        mapAttrsToList (name: value:
-          "  acl ${name}-acl hdr(host) -i ${name}.${cfg.domaine}\n"
+          "  acl ${name}-acl hdr(host) -i ${name}\n"
        + "  use_backend ${name}-backend if ${name}-acl\n"
        ) cfg.services)}

@ -111,9 +111,9 @@ in
    security.acme.certs = {
      ${cfg.domaine} = {
        extraDomains = mapAttrs' (name: value:
-          nameValuePair ("${name}.${cfg.domaine}") (null)
+          nameValuePair ("${name}") (null)
        ) cfg.services;
-        webroot = "/var/www/challenges/";
+        webroot = "/var/www/challenges";
        email = "paul@nyanlout.re";
        user = "haproxy";
        group = "haproxy";
--- a/services/site-max.nix
+++ b/services/site-max.nix
@ -14,12 +14,18 @@ in
      example = 54321;
      description = "Local listening port";
    };
+
+    domaine = mkOption {
+      type = types.str;
+      example = "example.com";
+      description = "Domaine à utiliser";
+    };
  };

  config = mkIf cfg.enable {

    services.haproxy-acme.services = {
-      max = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
+      ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
    };

    services.nginx.virtualHosts = {
--- a/services/site-musique.nix
+++ b/services/site-musique.nix
@ -14,12 +14,18 @@ in
      example = 54321;
      description = "Local listening port";
    };
+
+    domaine = mkOption {
+      type = types.str;
+      example = "example.com";
+      description = "Domaine à utiliser";
+    };
  };

  config = mkIf cfg.enable {

    services.haproxy-acme.services = {
-      musique = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
+      ${cfg.domaine} = { ip = "127.0.0.1"; port = cfg.port; auth = false; };
    };

    services.nginx.virtualHosts = {