vskilet
/
nixos-config
forked from nyanloutre/nixos-config
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Organisation service HAproxy

This commit is contained in:
nyanloutre 2018-08-06 20:25:27 +02:00
parent f2ac5a7fd1
commit 415c86221b
1 changed files with 73 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
services/haproxy-acme.nix
View File

@ -6,44 +6,8 @@ let
cfg = config.services.haproxy-acme; cfg = config.services.haproxy-acme;
nginx_port = 54321; nginx_port = 54321;
in
{
options.services.haproxy-acme = {
enable = mkEnableOption "HAproxy + ACME";
domaine = mkOption { haproxyConf = ''
type = types.string;
example = "example.com";
description = ''
Sous domaine à utiliser
Il est necessaire d'avoir un enregistrement pointant sur la wildcard de ce domaine vers le serveur
'';
};
services = mkOption {
type = with types; attrsOf (submodule { options = {
ip = mkOption { type = str; description = "IP address"; };
port = mkOption { type = int; description = "Port number"; };
socket = mkOption { type = str; description = "Emplacement du socket"; default = ""; };
auth = mkOption { type = bool; description = "Enable authentification"; default = false; };
extraAcls = mkOption { type = str; description = "ACL HaProxy suplémentaires"; default = ""; };
aclBool = mkOption { type = str; description = "Logique d'authentification"; default = "!AUTH_OK"; };
}; });
example = ''
haproxy_backends = {
example = { ip = "127.0.0.1"; port = 1234; auth = false; };
};
'';
description = "Liste des noms de domaines associés à leur backend";
};
};
config = mkIf cfg.enable {
services.haproxy.enable = true;
services.haproxy.config = ''
global global
log /dev/log local0 log /dev/log local0
log /dev/log local1 notice log /dev/log local1 notice
@ -114,6 +78,44 @@ in
) cfg.services)} ) cfg.services)}
''; '';
in
{
options.services.haproxy-acme = {
enable = mkEnableOption "HAproxy + ACME";
domaine = mkOption {
type = types.string;
example = "example.com";
description = ''
Sous domaine à utiliser
Il est necessaire d'avoir un enregistrement pointant sur la wildcard de ce domaine vers le serveur
'';
};
services = mkOption {
type = with types; attrsOf (submodule { options = {
ip = mkOption { type = str; description = "IP address"; };
port = mkOption { type = int; description = "Port number"; };
socket = mkOption { type = str; description = "Emplacement du socket"; default = ""; };
auth = mkOption { type = bool; description = "Enable authentification"; default = false; };
extraAcls = mkOption { type = str; description = "ACL HaProxy suplémentaires"; default = ""; };
aclBool = mkOption { type = str; description = "Logique d'authentification"; default = "!AUTH_OK"; };
}; });
example = ''
haproxy_backends = {
example = { ip = "127.0.0.1"; port = 1234; auth = false; };
};
'';
description = "Liste des noms de domaines associés à leur backend";
};
};
config = mkIf cfg.enable {
services.haproxy.enable = true;
services.haproxy.config = haproxyConf;
services.nginx.enable = true; services.nginx.enable = true;
services.nginx.virtualHosts = { services.nginx.virtualHosts = {