Format with nixfmt
Change-Id: I615f544649bfa89616dc88a59960df1f05523abf
diff --git a/default.nix b/default.nix
index 404acb2..962a7c7 100644
--- a/default.nix
+++ b/default.nix
@@ -1,3 +1 @@
-inputs: {
- nginx = import ./nginx.nix inputs;
-}
+inputs: { nginx = import ./nginx.nix inputs; }
diff --git a/flake.nix b/flake.nix
index 02d96d7..08b65ff 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,7 +1,5 @@
{
description = "Clicks helpers for writing boilerplatey nix";
- outputs = { self, nixpkgs }: {
- helpers = import ./default.nix;
- };
+ outputs = { self, nixpkgs }: { helpers = import ./default.nix; };
}
diff --git a/nginx.nix b/nginx.nix
index 376ed02..c6417fc 100644
--- a/nginx.nix
+++ b/nginx.nix
@@ -1,185 +1,194 @@
-{ pkgs, ... }: let
- lib = pkgs.lib;
+{ pkgs, ... }:
+let lib = pkgs.lib;
in {
- Host = host: service: {
- inherit host service;
- extraHosts = [];
- secure = true;
- type = "hosts";
- };
- Hosts = hosts: service: {
- inherit service;
- host = builtins.elemAt hosts 0;
- extraHosts = builtins.tail hosts;
- secure = true;
- type = "hosts";
- };
- InsecureHost = host: service: {
- inherit host service;
- extraHosts = [];
- secure = false;
- type = "hosts";
- };
- InsecureHosts = hosts: service: {
- inherit service;
- host = builtins.elemAt hosts 0;
- extraHosts = builtins.tail hosts;
- secure = false;
- type = "hosts";
- };
- ReverseProxy = to: {
- inherit to;
- type = "reverseproxy";
- };
- PHP = root: socket: {
- inherit root socket;
- type = "php";
- };
- Redirect = to: {
- inherit to;
- permanent = false;
- type = "redirect";
- };
- RedirectPermanent = to: {
- inherit to;
- permanent = true;
- type = "redirect";
- };
- Directory = root: {
- inherit root;
- private = false;
- type = "directory";
- };
- PrivateDirectory = root: {
- inherit root;
- private = true;
- type = "directory";
- };
- File = path: {
- inherit path;
- type = "file";
- };
- Compose = services: {
- inherit services;
- type = "compose";
- };
- Path = path: service: {
- inherit path service;
- type = "path";
- };
- Status = statusCode: {
- inherit statusCode;
- type = "status";
- };
+ Host = host: service: {
+ inherit host service;
+ extraHosts = [ ];
+ secure = true;
+ type = "hosts";
+ };
+ Hosts = hosts: service: {
+ inherit service;
+ host = builtins.elemAt hosts 0;
+ extraHosts = builtins.tail hosts;
+ secure = true;
+ type = "hosts";
+ };
+ InsecureHost = host: service: {
+ inherit host service;
+ extraHosts = [ ];
+ secure = false;
+ type = "hosts";
+ };
+ InsecureHosts = hosts: service: {
+ inherit service;
+ host = builtins.elemAt hosts 0;
+ extraHosts = builtins.tail hosts;
+ secure = false;
+ type = "hosts";
+ };
+ ReverseProxy = to: {
+ inherit to;
+ type = "reverseproxy";
+ };
+ PHP = root: socket: {
+ inherit root socket;
+ type = "php";
+ };
+ Redirect = to: {
+ inherit to;
+ permanent = false;
+ type = "redirect";
+ };
+ RedirectPermanent = to: {
+ inherit to;
+ permanent = true;
+ type = "redirect";
+ };
+ Directory = root: {
+ inherit root;
+ private = false;
+ type = "directory";
+ };
+ PrivateDirectory = root: {
+ inherit root;
+ private = true;
+ type = "directory";
+ };
+ File = path: {
+ inherit path;
+ type = "file";
+ };
+ Compose = services: {
+ inherit services;
+ type = "compose";
+ };
+ Path = path: service: {
+ inherit path service;
+ type = "path";
+ };
+ Status = statusCode: {
+ inherit statusCode;
+ type = "status";
+ };
- Merge = let
+ Merge = let
# builtins.length and count up
- _iterateCompose = services: currentConfig: currentPath: secure: priority: i:
- if i < builtins.length services
- then _iterateCompose services (_merge (builtins.elemAt services i) currentConfig currentPath secure (priority+i)) currentPath secure priority (i+1)
- else currentConfig;
+ _iterateCompose = services: currentConfig: currentPath: secure: priority: i:
+ if i < builtins.length services then
+ _iterateCompose services
+ (_merge (builtins.elemAt services i) currentConfig currentPath secure
+ (priority + i)) currentPath secure priority (i + 1)
+ else
+ currentConfig;
- _iterateMerge = i: current: services:
- if i < builtins.length services
- then _iterateMerge (i+1) (current++[(_merge (builtins.elemAt services i) {} "/" true 1000)]) services
- else current;
+ _iterateMerge = i: current: services:
+ if i < builtins.length services then
+ _iterateMerge (i + 1)
+ (current ++ [ (_merge (builtins.elemAt services i) { } "/" true 1000) ])
+ services
+ else
+ current;
- _merge = service: currentConfig: currentPath: secure: priority:
- if service.type == "hosts"
- then _merge service.service (lib.recursiveUpdate currentConfig {
- name = service.host;
- value = {
- serverAliases = service.extraHosts;
+ _merge = service: currentConfig: currentPath: secure: priority:
+ if service.type == "hosts" then
+ _merge service.service (lib.recursiveUpdate currentConfig {
+ name = service.host;
+ value = {
+ serverAliases = service.extraHosts;
- enableACME = true;
- forceSSL = service.secure;
- addSSL = !service.secure;
- listenAddresses = [ "0.0.0.0" ];
- };
- }) currentPath service.secure priority
- else if service.type == "reverseproxy"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath} = {
- proxyPass = "http://${service.to}";
- proxyWebsockets = true;
- recommendedProxySettings = true;
- };
- })
- else if service.type == "php"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath} = {
- root = service.root;
- index = "index.php index.html index.htm";
- tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404";
- };
- value.locations."~ ^${currentPath}.*\.php$" = {
- tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404";
- extraConfig = ''
- include ${pkgs.nginx}/conf/fastcgi_params;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param REDIRECT_STATUS 200;
- fastcgi_pass unix:${service.socket};
- fastcgi_intercept_errors on;
- ${lib.optionalString secure "fastcgi_param HTTPS on;"}
- '';
- };
- })
- else if service.type == "redirect"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath}.return =
- if service.permanent
- then "308 ${service.to}"
- else "307 ${service.to}";
- })
- else if service.type == "directory"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath} = {
- root = service.root;
- index = "index.html index.htm";
- tryFiles = "$uri $uri/ =404";
- extraConfig = lib.optionalString (!service.private) "autoindex on;";
- };
- })
- else if service.type == "file"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath} = {
- tryFiles = "${service.path} =404";
- };
- })
- else if service.type == "path"
- then _merge service.service currentConfig service.path service.secure priority
- else if service.type == "compose"
- then (_iterateCompose service.services currentConfig currentPath secure priority 0)
- else if service.type == "status"
- then (lib.recursiveUpdate currentConfig {
- value.locations.${currentPath} = {
- return = "${builtins.toString service.statusCode}";
- };
- })
- else throw "Unknown service type: ${service.type}";
- in (services: lib.pipe services [
- (_iterateMerge 0 [])
- builtins.listToAttrs
- ]);
+ enableACME = true;
+ forceSSL = service.secure;
+ addSSL = !service.secure;
+ listenAddresses = [ "0.0.0.0" ];
+ };
+ }) currentPath service.secure priority
+ else if service.type == "reverseproxy" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath} = {
+ proxyPass = "http://${service.to}";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ })
+ else if service.type == "php" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath} = {
+ root = service.root;
+ index = "index.php index.html index.htm";
+ tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404";
+ };
+ value.locations."~ ^${currentPath}.*.php$" = {
+ tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404";
+ extraConfig = ''
+ include ${pkgs.nginx}/conf/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param REDIRECT_STATUS 200;
+ fastcgi_pass unix:${service.socket};
+ fastcgi_intercept_errors on;
+ ${lib.optionalString secure "fastcgi_param HTTPS on;"}
+ '';
+ };
+ })
+ else if service.type == "redirect" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath}.return = if service.permanent then
+ "308 ${service.to}"
+ else
+ "307 ${service.to}";
+ })
+ else if service.type == "directory" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath} = {
+ root = service.root;
+ index = "index.html index.htm";
+ tryFiles = "$uri $uri/ =404";
+ extraConfig = lib.optionalString (!service.private) "autoindex on;";
+ };
+ })
+ else if service.type == "file" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath} = {
+ tryFiles = "${service.path} =404";
+ };
+ })
+ else if service.type == "path" then
+ _merge service.service currentConfig service.path service.secure
+ priority
+ else if service.type == "compose" then
+ (_iterateCompose service.services currentConfig currentPath secure
+ priority 0)
+ else if service.type == "status" then
+ (lib.recursiveUpdate currentConfig {
+ value.locations.${currentPath} = {
+ return = "${builtins.toString service.statusCode}";
+ };
+ })
+ else
+ throw "Unknown service type: ${service.type}";
+ in (services:
+ lib.pipe services [ (_iterateMerge 0 [ ]) builtins.listToAttrs ]);
- # https://www.nginx.com/resources/wiki/start/topics/examples/full/
+ # https://www.nginx.com/resources/wiki/start/topics/examples/full/
- /**
- Internal needs to be a string that is both a host and a port, e.g. generic:1000
- External should only be a port
- Protocol should be TCP or UDP
- */
- Stream = external: internal: protocol: { inherit external internal protocol; };
+ /* *
+ Internal needs to be a string that is both a host and a port, e.g. generic:1000
+ External should only be a port
+ Protocol should be TCP or UDP
+ */
+ Stream = external: internal: protocol: {
+ inherit external internal protocol;
+ };
- Alias = host: alias: {
- inherit host;
- aliases = [ alias ];
- type = "aliases";
- };
+ Alias = host: alias: {
+ inherit host;
+ aliases = [ alias ];
+ type = "aliases";
+ };
- Aliases = host: aliases: {
- inherit host aliases;
- type = "aliases";
- };
+ Aliases = host: aliases: {
+ inherit host aliases;
+ type = "aliases";
+ };
}