diff options
author | Franck Cuny <franck@fcuny.net> | 2023-05-10 17:48:26 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2023-05-10 17:48:26 -0700 |
commit | 90c41f7edb323e13e78d8ec976ee6467b0c807aa (patch) | |
tree | 3effb8452331b742cd3081ed657de57439e677d5 /profiles | |
parent | modules/unifi: fix the configuration (diff) | |
download | world-90c41f7edb323e13e78d8ec976ee6467b0c807aa.tar.gz |
profiles/unifi: move the module to a profile
Get rid of configuration that was duplicated (a lot of things are already handled by the upstream module).
Diffstat (limited to 'profiles')
-rw-r--r-- | profiles/unifi.nix | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/profiles/unifi.nix b/profiles/unifi.nix new file mode 100644 index 0000000..9307acd --- /dev/null +++ b/profiles/unifi.nix @@ -0,0 +1,38 @@ +{ config, lib, pkgs, ... }: + +let + secrets = config.age.secrets; + vhostName = "unifi.${config.homelab.domain}"; +in +{ + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/networking/unifi.nix + services.unifi = { + enable = true; + openFirewall = true; + unifiPackage = pkgs.unifi7; + mongodbPackage = pkgs.mongodb-4_2; + }; + + services.nginx.virtualHosts."${cfg.vhostName}" = { + forceSSL = true; + useACMEHost = config.homelab.domain; + listen = [ + { + addr = "192.168.6.40"; + port = 443; + ssl = true; + } + { + addr = "192.168.6.40"; + port = 80; + ssl = false; + } + ]; + locations."/" = { + proxyPass = "https://127.0.0.1:8443"; + proxyWebsockets = true; + }; + }; + + my.services.backup = { paths = [ "/var/lib/unifi/data/backup" ]; }; +} |