about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2022-04-13 14:17:00 -0700
committerFranck Cuny <franck@fcuny.net>2022-04-13 14:17:00 -0700
commit9c467c91b7596d28bd7007017f9c1364dfb27278 (patch)
tree5049cfa4a13f3f54a038ecb371adef601d4cec52
parentgrafana: correct domain name ... (diff)
downloadworld-9c467c91b7596d28bd7007017f9c1364dfb27278.tar.gz
modules: make the vhost be configurable
Diffstat (limited to '')
-rw-r--r--hosts/tahoe/services.nix12
-rw-r--r--modules/services/navidrome/default.nix18
-rw-r--r--modules/services/transmission/default.nix11
-rw-r--r--modules/services/unifi/default.nix11
4 files changed, 34 insertions, 18 deletions
diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix
index 453ce0f..6ad8456 100644
--- a/hosts/tahoe/services.nix
+++ b/hosts/tahoe/services.nix
@@ -8,9 +8,13 @@ in {
     };
     navidrome = {
       enable = true;
+      vhostName = "music.fcuny.xyz";
       musicFolder = "/data/fast/music";
     };
-    unifi = { enable = true; };
+    unifi = {
+      enable = true;
+      vhostName = "unifi.fcuny.xyz";
+    };
     prometheus = { enable = true; };
     grafana = {
       enable = true;
@@ -21,9 +25,11 @@ in {
       stateDir = "/var/lib/gitea";
     };
     rclone = { enable = true; };
-    traefik = { enable = false; };
     nginx = { enable = true; };
-    transmission = { enable = true; };
+    transmission = {
+      enable = true;
+      vhostName = "bt.fcuny.xyz";
+    };
     metrics-exporter = { enable = true; };
     backup = {
       enable = true;
diff --git a/modules/services/navidrome/default.nix b/modules/services/navidrome/default.nix
index 6ea0038..87f7422 100644
--- a/modules/services/navidrome/default.nix
+++ b/modules/services/navidrome/default.nix
@@ -5,6 +5,11 @@ let
 in {
   options.my.services.navidrome = with lib; {
     enable = mkEnableOption "Navidrome Music Server";
+    vhostName = mkOption {
+      type = types.str;
+      example = "music.fcuny.net";
+      description = "Name for the virtual host";
+    };
     musicFolder = mkOption {
       type = types.str;
       example = "/data/fast/music";
@@ -15,28 +20,23 @@ in {
   config = lib.mkIf cfg.enable {
     services.navidrome = {
       enable = true;
-      settings = {
-        MusicFolder = cfg.musicFolder;
-        Address = "0.0.0.0";
-        httpPort = "4533";
-      };
+      settings = { MusicFolder = cfg.musicFolder; };
     };
 
-    services.nginx.virtualHosts."music.fcuny.xyz" = {
+    services.nginx.virtualHosts."${cfg.vhostName}" = {
       forceSSL = true;
-      useACMEHost = "music.fcuny.xyz";
+      useACMEHost = cfg.vhostName;
       locations."/" = {
         proxyPass = "http://127.0.0.1:4533";
         proxyWebsockets = true;
       };
     };
 
-    security.acme.certs."music.fcuny.xyz" = {
+    security.acme.certs."${cfg.vhostName}" = {
       dnsProvider = "gcloud";
       credentialsFile = secrets."acme/credentials".path;
     };
 
     my.services.backup = { paths = [ "/var/lib/navidrome" ]; };
-    networking.firewall.allowedTCPPorts = [ 4533 ];
   };
 }
diff --git a/modules/services/transmission/default.nix b/modules/services/transmission/default.nix
index dea7828..57bea77 100644
--- a/modules/services/transmission/default.nix
+++ b/modules/services/transmission/default.nix
@@ -5,6 +5,11 @@ let
 in {
   options.my.services.transmission = with lib; {
     enable = mkEnableOption "transmission torrent server";
+    vhostName = mkOption {
+      type = types.str;
+      example = "music.fcuny.net";
+      description = "Name for the virtual host";
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -27,16 +32,16 @@ in {
       };
     };
 
-    services.nginx.virtualHosts."bt.fcuny.xyz" = {
+    services.nginx.virtualHosts."${cfg.vhostName}" = {
       forceSSL = true;
-      useACMEHost = "bt.fcuny.xyz";
+      useACMEHost = cfg.vhostName;
       locations."/" = {
         proxyPass = "http://127.0.0.1:9091";
         proxyWebsockets = true;
       };
     };
 
-    security.acme.certs."bt.fcuny.xyz" = {
+    security.acme.certs."${cfg.vhostName}" = {
       dnsProvider = "gcloud";
       credentialsFile = secrets."acme/credentials".path;
     };
diff --git a/modules/services/unifi/default.nix b/modules/services/unifi/default.nix
index 137e8ed..1433725 100644
--- a/modules/services/unifi/default.nix
+++ b/modules/services/unifi/default.nix
@@ -20,6 +20,11 @@ let
 in {
   options.my.services.unifi = with lib; {
     enable = mkEnableOption "Unifi controller";
+    vhostName = mkOption {
+      type = types.str;
+      example = "music.fcuny.net";
+      description = "Name for the virtual host";
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -63,16 +68,16 @@ in {
       };
     };
 
-    services.nginx.virtualHosts."unifi.fcuny.xyz" = {
+    services.nginx.virtualHosts."${cfg.vhostName}" = {
       forceSSL = true;
-      useACMEHost = "unifi.fcuny.xyz";
+      useACMEHost = cfg.vhostName;
       locations."/" = {
         proxyPass = "http://127.0.0.1:8443";
         proxyWebsockets = true;
       };
     };
 
-    security.acme.certs."unifi.fcuny.xyz" = {
+    security.acme.certs."${cfg.vhostName}" = {
       dnsProvider = "gcloud";
       credentialsFile = secrets."acme/credentials".path;
     };