Add nginx hosts

2025-12-06 08:07:45 +00:00 · 2024-11-30 12:44:53 +00:00 · 2024-11-30 12:44:53 +00:00 · 784c5dfdad
commit 784c5dfdad
parent 2f228d3ed0
2 changed files with 32 additions and 8 deletions
--- a/modules/nixos/server/media.nix
+++ b/modules/nixos/server/media.nix
@ -21,5 +21,7 @@
    };

    users.users.immich.extraGroups = [ "video" "render" ];
+
+    mods.server.nginx.hosts."photos" = 2283;
  };
 }
--- a/modules/nixos/server/nginx.nix
+++ b/modules/nixos/server/nginx.nix
@ -1,12 +1,32 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, ... }:
+let
+
+  cfg = config.mods.server.nginx;
+
+in with lib; {
  options.mods.server.nginx = {
-    enable = lib.mkEnableOption {
+    enable = mkEnableOption {
      default = false;
      description = "enables nginx reverse proxy";
    };
+
+    ip = mkOption {
+      type = types.str;
+      default = "10.0.0.3";
    };

-  config = lib.mkIf config.mods.server.nginx.enable {
+    domain = mkOption {
+      type = types.str;
+      default = "muon.host";
+    };
+
+    hosts = mkOption {
+      type = types.attrsOf (types.ints.u16);
+      default = { };
+    };
+  };
+
+  config = mkIf cfg.enable {
    # ACME won't be able to authenticate your domain
    # if ports 80 & 443 aren't open in your firewall.
    networking.firewall = { allowedTCPPorts = [ 443 80 ]; };
@ -59,11 +79,13 @@
          enableACME = true;
        };
        proxy = port:
-          base { "/".proxyPass = "http://10.0.0.3:" + toString (port) + "/"; };
-      in {
-        # Define example.com as reverse-proxied service on 127.0.0.1:3000
-        "photos.muon.host" = proxy 2283 // { default = true; };
+          base {
+            "/".proxyPass = cfg.ip + toString port + "/";
+            default = true;
          };
+      in mapAttrs'
+      (name: port: nameValuePair ("${name}.${cfg.domain}") (proxy port))
+      cfg.hosts;
    };
  };
 }