From 9c467c91b7596d28bd7007017f9c1364dfb27278 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Wed, 13 Apr 2022 14:17:00 -0700 Subject: modules: make the vhost be configurable --- hosts/tahoe/services.nix | 12 +++++++++--- modules/services/navidrome/default.nix | 18 +++++++++--------- modules/services/transmission/default.nix | 11 ++++++++--- modules/services/unifi/default.nix | 11 ++++++++--- 4 files changed, 34 insertions(+), 18 deletions(-) diff --git a/hosts/tahoe/services.nix b/hosts/tahoe/services.nix index 453ce0f..6ad8456 100644 --- a/hosts/tahoe/services.nix +++ b/hosts/tahoe/services.nix @@ -8,9 +8,13 @@ in { }; navidrome = { enable = true; + vhostName = "music.fcuny.xyz"; musicFolder = "/data/fast/music"; }; - unifi = { enable = true; }; + unifi = { + enable = true; + vhostName = "unifi.fcuny.xyz"; + }; prometheus = { enable = true; }; grafana = { enable = true; @@ -21,9 +25,11 @@ in { stateDir = "/var/lib/gitea"; }; rclone = { enable = true; }; - traefik = { enable = false; }; nginx = { enable = true; }; - transmission = { enable = true; }; + transmission = { + enable = true; + vhostName = "bt.fcuny.xyz"; + }; metrics-exporter = { enable = true; }; backup = { enable = true; diff --git a/modules/services/navidrome/default.nix b/modules/services/navidrome/default.nix index 6ea0038..87f7422 100644 --- a/modules/services/navidrome/default.nix +++ b/modules/services/navidrome/default.nix @@ -5,6 +5,11 @@ let in { options.my.services.navidrome = with lib; { enable = mkEnableOption "Navidrome Music Server"; + vhostName = mkOption { + type = types.str; + example = "music.fcuny.net"; + description = "Name for the virtual host"; + }; musicFolder = mkOption { type = types.str; example = "/data/fast/music"; @@ -15,28 +20,23 @@ in { config = lib.mkIf cfg.enable { services.navidrome = { enable = true; - settings = { - MusicFolder = cfg.musicFolder; - Address = "0.0.0.0"; - httpPort = "4533"; - }; + settings = { MusicFolder = cfg.musicFolder; }; }; - services.nginx.virtualHosts."music.fcuny.xyz" = { + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; - useACMEHost = "music.fcuny.xyz"; + useACMEHost = cfg.vhostName; locations."/" = { proxyPass = "http://127.0.0.1:4533"; proxyWebsockets = true; }; }; - security.acme.certs."music.fcuny.xyz" = { + security.acme.certs."${cfg.vhostName}" = { dnsProvider = "gcloud"; credentialsFile = secrets."acme/credentials".path; }; my.services.backup = { paths = [ "/var/lib/navidrome" ]; }; - networking.firewall.allowedTCPPorts = [ 4533 ]; }; } diff --git a/modules/services/transmission/default.nix b/modules/services/transmission/default.nix index dea7828..57bea77 100644 --- a/modules/services/transmission/default.nix +++ b/modules/services/transmission/default.nix @@ -5,6 +5,11 @@ let in { options.my.services.transmission = with lib; { enable = mkEnableOption "transmission torrent server"; + vhostName = mkOption { + type = types.str; + example = "music.fcuny.net"; + description = "Name for the virtual host"; + }; }; config = lib.mkIf cfg.enable { @@ -27,16 +32,16 @@ in { }; }; - services.nginx.virtualHosts."bt.fcuny.xyz" = { + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; - useACMEHost = "bt.fcuny.xyz"; + useACMEHost = cfg.vhostName; locations."/" = { proxyPass = "http://127.0.0.1:9091"; proxyWebsockets = true; }; }; - security.acme.certs."bt.fcuny.xyz" = { + security.acme.certs."${cfg.vhostName}" = { dnsProvider = "gcloud"; credentialsFile = secrets."acme/credentials".path; }; diff --git a/modules/services/unifi/default.nix b/modules/services/unifi/default.nix index 137e8ed..1433725 100644 --- a/modules/services/unifi/default.nix +++ b/modules/services/unifi/default.nix @@ -20,6 +20,11 @@ let in { options.my.services.unifi = with lib; { enable = mkEnableOption "Unifi controller"; + vhostName = mkOption { + type = types.str; + example = "music.fcuny.net"; + description = "Name for the virtual host"; + }; }; config = lib.mkIf cfg.enable { @@ -63,16 +68,16 @@ in { }; }; - services.nginx.virtualHosts."unifi.fcuny.xyz" = { + services.nginx.virtualHosts."${cfg.vhostName}" = { forceSSL = true; - useACMEHost = "unifi.fcuny.xyz"; + useACMEHost = cfg.vhostName; locations."/" = { proxyPass = "http://127.0.0.1:8443"; proxyWebsockets = true; }; }; - security.acme.certs."unifi.fcuny.xyz" = { + security.acme.certs."${cfg.vhostName}" = { dnsProvider = "gcloud"; credentialsFile = secrets."acme/credentials".path; }; -- cgit 1.4.1