From 784c5dfdade061316a9c87db663361612ebebf0e Mon Sep 17 00:00:00 2001
From: muon <admin@muon.host>
Date: Sat, 30 Nov 2024 12:44:53 +0000
Subject: [PATCH] Add nginx hosts

---
 modules/nixos/server/media.nix |  2 ++
 modules/nixos/server/nginx.nix | 38 +++++++++++++++++++++++++++-------
 2 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/modules/nixos/server/media.nix b/modules/nixos/server/media.nix
index f49aa02..7c39742 100644
--- a/modules/nixos/server/media.nix
+++ b/modules/nixos/server/media.nix
@@ -21,5 +21,7 @@
     };
 
     users.users.immich.extraGroups = [ "video" "render" ];
+
+    mods.server.nginx.hosts."photos" = 2283;
   };
 }
diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix
index fe792ae..812447f 100644
--- a/modules/nixos/server/nginx.nix
+++ b/modules/nixos/server/nginx.nix
@@ -1,12 +1,32 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, ... }:
+let
+
+  cfg = config.mods.server.nginx;
+
+in with lib; {
   options.mods.server.nginx = {
-    enable = lib.mkEnableOption {
+    enable = mkEnableOption {
       default = false;
       description = "enables nginx reverse proxy";
     };
+
+    ip = mkOption {
+      type = types.str;
+      default = "10.0.0.3";
+    };
+
+    domain = mkOption {
+      type = types.str;
+      default = "muon.host";
+    };
+
+    hosts = mkOption {
+      type = types.attrsOf (types.ints.u16);
+      default = { };
+    };
   };
 
-  config = lib.mkIf config.mods.server.nginx.enable {
+  config = mkIf cfg.enable {
     # ACME won't be able to authenticate your domain
     # if ports 80 & 443 aren't open in your firewall.
     networking.firewall = { allowedTCPPorts = [ 443 80 ]; };
@@ -59,11 +79,13 @@
           enableACME = true;
         };
         proxy = port:
-          base { "/".proxyPass = "http://10.0.0.3:" + toString (port) + "/"; };
-      in {
-        # Define example.com as reverse-proxied service on 127.0.0.1:3000
-        "photos.muon.host" = proxy 2283 // { default = true; };
-      };
+          base {
+            "/".proxyPass = cfg.ip + toString port + "/";
+            default = true;
+          };
+      in mapAttrs'
+      (name: port: nameValuePair ("${name}.${cfg.domain}") (proxy port))
+      cfg.hosts;
     };
   };
 }