forked from nyanloutre/nixos-config
Organisation service HAproxy
This commit is contained in:
parent
f2ac5a7fd1
commit
415c86221b
@ -6,44 +6,8 @@ let
|
||||
cfg = config.services.haproxy-acme;
|
||||
|
||||
nginx_port = 54321;
|
||||
in
|
||||
{
|
||||
options.services.haproxy-acme = {
|
||||
enable = mkEnableOption "HAproxy + ACME";
|
||||
|
||||
domaine = mkOption {
|
||||
type = types.string;
|
||||
example = "example.com";
|
||||
description = ''
|
||||
Sous domaine à utiliser
|
||||
|
||||
Il est necessaire d'avoir un enregistrement pointant sur la wildcard de ce domaine vers le serveur
|
||||
'';
|
||||
};
|
||||
|
||||
services = mkOption {
|
||||
type = with types; attrsOf (submodule { options = {
|
||||
ip = mkOption { type = str; description = "IP address"; };
|
||||
port = mkOption { type = int; description = "Port number"; };
|
||||
socket = mkOption { type = str; description = "Emplacement du socket"; default = ""; };
|
||||
auth = mkOption { type = bool; description = "Enable authentification"; default = false; };
|
||||
extraAcls = mkOption { type = str; description = "ACL HaProxy suplémentaires"; default = ""; };
|
||||
aclBool = mkOption { type = str; description = "Logique d'authentification"; default = "!AUTH_OK"; };
|
||||
}; });
|
||||
example = ''
|
||||
haproxy_backends = {
|
||||
example = { ip = "127.0.0.1"; port = 1234; auth = false; };
|
||||
};
|
||||
'';
|
||||
description = "Liste des noms de domaines associés à leur backend";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.haproxy.enable = true;
|
||||
|
||||
services.haproxy.config = ''
|
||||
haproxyConf = ''
|
||||
global
|
||||
log /dev/log local0
|
||||
log /dev/log local1 notice
|
||||
@ -114,6 +78,44 @@ in
|
||||
) cfg.services)}
|
||||
|
||||
'';
|
||||
in
|
||||
{
|
||||
options.services.haproxy-acme = {
|
||||
enable = mkEnableOption "HAproxy + ACME";
|
||||
|
||||
domaine = mkOption {
|
||||
type = types.string;
|
||||
example = "example.com";
|
||||
description = ''
|
||||
Sous domaine à utiliser
|
||||
|
||||
Il est necessaire d'avoir un enregistrement pointant sur la wildcard de ce domaine vers le serveur
|
||||
'';
|
||||
};
|
||||
|
||||
services = mkOption {
|
||||
type = with types; attrsOf (submodule { options = {
|
||||
ip = mkOption { type = str; description = "IP address"; };
|
||||
port = mkOption { type = int; description = "Port number"; };
|
||||
socket = mkOption { type = str; description = "Emplacement du socket"; default = ""; };
|
||||
auth = mkOption { type = bool; description = "Enable authentification"; default = false; };
|
||||
extraAcls = mkOption { type = str; description = "ACL HaProxy suplémentaires"; default = ""; };
|
||||
aclBool = mkOption { type = str; description = "Logique d'authentification"; default = "!AUTH_OK"; };
|
||||
}; });
|
||||
example = ''
|
||||
haproxy_backends = {
|
||||
example = { ip = "127.0.0.1"; port = 1234; auth = false; };
|
||||
};
|
||||
'';
|
||||
description = "Liste des noms de domaines associés à leur backend";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.haproxy.enable = true;
|
||||
|
||||
services.haproxy.config = haproxyConf;
|
||||
|
||||
services.nginx.enable = true;
|
||||
services.nginx.virtualHosts = {
|
||||
|
Loading…
Reference in New Issue
Block a user