Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 1 | { pkgs, ... }: |
| 2 | let lib = pkgs.lib; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 3 | in { |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 4 | Host = host: service: { |
| 5 | inherit host service; |
| 6 | extraHosts = [ ]; |
| 7 | secure = true; |
Skyler Grey | 6706dbc | 2024-05-05 01:00:34 +0000 | [diff] [blame] | 8 | specific = false; |
| 9 | type = "hosts"; |
| 10 | }; |
| 11 | SpecificHost = host: service: { |
| 12 | inherit host service; |
| 13 | extraHosts = [ ]; |
| 14 | secure = true; |
| 15 | specific = true; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 16 | type = "hosts"; |
| 17 | }; |
| 18 | Hosts = hosts: service: { |
| 19 | inherit service; |
| 20 | host = builtins.elemAt hosts 0; |
| 21 | extraHosts = builtins.tail hosts; |
| 22 | secure = true; |
Skyler Grey | 6706dbc | 2024-05-05 01:00:34 +0000 | [diff] [blame] | 23 | specific = false; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 24 | type = "hosts"; |
| 25 | }; |
| 26 | InsecureHost = host: service: { |
| 27 | inherit host service; |
| 28 | extraHosts = [ ]; |
| 29 | secure = false; |
Skyler Grey | 6706dbc | 2024-05-05 01:00:34 +0000 | [diff] [blame] | 30 | specific = false; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 31 | type = "hosts"; |
| 32 | }; |
| 33 | InsecureHosts = hosts: service: { |
| 34 | inherit service; |
| 35 | host = builtins.elemAt hosts 0; |
| 36 | extraHosts = builtins.tail hosts; |
| 37 | secure = false; |
Skyler Grey | 6706dbc | 2024-05-05 01:00:34 +0000 | [diff] [blame] | 38 | specific = false; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 39 | type = "hosts"; |
| 40 | }; |
| 41 | ReverseProxy = to: { |
| 42 | inherit to; |
| 43 | type = "reverseproxy"; |
| 44 | }; |
| 45 | PHP = root: socket: { |
| 46 | inherit root socket; |
| 47 | type = "php"; |
| 48 | }; |
| 49 | Redirect = to: { |
| 50 | inherit to; |
| 51 | permanent = false; |
| 52 | type = "redirect"; |
| 53 | }; |
| 54 | RedirectPermanent = to: { |
| 55 | inherit to; |
| 56 | permanent = true; |
| 57 | type = "redirect"; |
| 58 | }; |
| 59 | Directory = root: { |
| 60 | inherit root; |
| 61 | private = false; |
| 62 | type = "directory"; |
| 63 | }; |
| 64 | PrivateDirectory = root: { |
| 65 | inherit root; |
| 66 | private = true; |
| 67 | type = "directory"; |
| 68 | }; |
| 69 | File = path: { |
| 70 | inherit path; |
| 71 | type = "file"; |
| 72 | }; |
| 73 | Compose = services: { |
| 74 | inherit services; |
| 75 | type = "compose"; |
| 76 | }; |
| 77 | Path = path: service: { |
| 78 | inherit path service; |
| 79 | type = "path"; |
| 80 | }; |
| 81 | Status = statusCode: { |
| 82 | inherit statusCode; |
| 83 | type = "status"; |
| 84 | }; |
Skyler Grey | 8b911b9 | 2023-11-21 21:20:16 +0000 | [diff] [blame] | 85 | Header = header: value: service: { |
| 86 | inherit header value service; |
| 87 | type = "header"; |
| 88 | }; |
| 89 | CrossOrigin = service: { |
| 90 | inherit service; |
| 91 | header = "Access-Control-Allow-Origin"; |
| 92 | value = "*"; |
| 93 | type = "header"; |
| 94 | }; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 95 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 96 | Merge = let |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 97 | # builtins.length and count up |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 98 | _iterateCompose = services: currentConfig: currentPath: secure: priority: i: |
| 99 | if i < builtins.length services then |
| 100 | _iterateCompose services |
| 101 | (_merge (builtins.elemAt services i) currentConfig currentPath secure |
| 102 | (priority + i)) currentPath secure priority (i + 1) |
| 103 | else |
| 104 | currentConfig; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 105 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 106 | _iterateMerge = i: current: services: |
| 107 | if i < builtins.length services then |
| 108 | _iterateMerge (i + 1) |
| 109 | (current ++ [ (_merge (builtins.elemAt services i) { } "/" true 1000) ]) |
| 110 | services |
| 111 | else |
| 112 | current; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 113 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 114 | _merge = service: currentConfig: currentPath: secure: priority: |
| 115 | if service.type == "hosts" then |
| 116 | _merge service.service (lib.recursiveUpdate currentConfig { |
| 117 | name = service.host; |
| 118 | value = { |
Skyler Grey | 6706dbc | 2024-05-05 01:00:34 +0000 | [diff] [blame] | 119 | serverAliases = service.extraHosts ++ (if service.specific |
| 120 | then [] |
| 121 | else [ "www.${service.host}" ] ++ (map (host: "www.${host}") service.extraHosts)); |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 122 | enableACME = true; |
| 123 | forceSSL = service.secure; |
| 124 | addSSL = !service.secure; |
| 125 | listenAddresses = [ "0.0.0.0" ]; |
| 126 | }; |
| 127 | }) currentPath service.secure priority |
| 128 | else if service.type == "reverseproxy" then |
| 129 | (lib.recursiveUpdate currentConfig { |
| 130 | value.locations.${currentPath} = { |
Skyler Grey | 64d1d30 | 2023-10-25 07:26:33 +0000 | [diff] [blame] | 131 | proxyPass = if currentPath == "/" then |
| 132 | "http://${service.to}" |
| 133 | else |
| 134 | "http://${service.to}/"; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 135 | proxyWebsockets = true; |
| 136 | recommendedProxySettings = true; |
| 137 | }; |
| 138 | }) |
| 139 | else if service.type == "php" then |
| 140 | (lib.recursiveUpdate currentConfig { |
| 141 | value.locations.${currentPath} = { |
| 142 | root = service.root; |
| 143 | index = "index.php index.html index.htm"; |
| 144 | tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404"; |
| 145 | }; |
| 146 | value.locations."~ ^${currentPath}.*.php$" = { |
| 147 | tryFiles = "$uri $uri/ ${currentPath}index.php?$query_string =404"; |
| 148 | extraConfig = '' |
| 149 | include ${pkgs.nginx}/conf/fastcgi_params; |
| 150 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
| 151 | fastcgi_param REDIRECT_STATUS 200; |
| 152 | fastcgi_pass unix:${service.socket}; |
| 153 | fastcgi_intercept_errors on; |
| 154 | ${lib.optionalString secure "fastcgi_param HTTPS on;"} |
| 155 | ''; |
| 156 | }; |
| 157 | }) |
| 158 | else if service.type == "redirect" then |
| 159 | (lib.recursiveUpdate currentConfig { |
| 160 | value.locations.${currentPath}.return = if service.permanent then |
| 161 | "308 ${service.to}" |
| 162 | else |
| 163 | "307 ${service.to}"; |
| 164 | }) |
| 165 | else if service.type == "directory" then |
| 166 | (lib.recursiveUpdate currentConfig { |
| 167 | value.locations.${currentPath} = { |
| 168 | root = service.root; |
| 169 | index = "index.html index.htm"; |
| 170 | tryFiles = "$uri $uri/ =404"; |
| 171 | extraConfig = lib.optionalString (!service.private) "autoindex on;"; |
| 172 | }; |
| 173 | }) |
| 174 | else if service.type == "file" then |
| 175 | (lib.recursiveUpdate currentConfig { |
| 176 | value.locations.${currentPath} = { |
Skyler Grey | 9b2bb0d | 2023-11-07 18:26:11 +0000 | [diff] [blame] | 177 | root = "/"; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 178 | tryFiles = "${service.path} =404"; |
| 179 | }; |
| 180 | }) |
| 181 | else if service.type == "path" then |
| 182 | _merge service.service currentConfig service.path service.secure |
| 183 | priority |
Skyler Grey | 8b911b9 | 2023-11-21 21:20:16 +0000 | [diff] [blame] | 184 | else if service.type == "header" then |
| 185 | _merge service.service |
| 186 | (lib.recursiveUpdate currentConfig { |
| 187 | value.locations.${currentPath} = { |
| 188 | extraConfig = |
| 189 | (if |
| 190 | builtins.hasAttr "value" currentConfig |
| 191 | && builtins.hasAttr "locations" currentConfig.value |
| 192 | && builtins.hasAttr currentPath currentConfig.value.locations |
| 193 | && builtins.hasAttr "extraConfig" currentConfig.value.locations.${currentPath} |
| 194 | then currentConfig.value.locations.${currentPath}.extraConfig else "") + |
| 195 | '' |
| 196 | add_header ${service.header} "${service.value}"; |
| 197 | ''; |
| 198 | }; |
| 199 | }) currentPath secure priority |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 200 | else if service.type == "compose" then |
| 201 | (_iterateCompose service.services currentConfig currentPath secure |
| 202 | priority 0) |
| 203 | else if service.type == "status" then |
| 204 | (lib.recursiveUpdate currentConfig { |
| 205 | value.locations.${currentPath} = { |
| 206 | return = "${builtins.toString service.statusCode}"; |
| 207 | }; |
| 208 | }) |
| 209 | else |
| 210 | throw "Unknown service type: ${service.type}"; |
| 211 | in (services: |
| 212 | lib.pipe services [ (_iterateMerge 0 [ ]) builtins.listToAttrs ]); |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 213 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 214 | # https://www.nginx.com/resources/wiki/start/topics/examples/full/ |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 215 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 216 | /* * |
| 217 | Internal needs to be a string that is both a host and a port, e.g. generic:1000 |
| 218 | External should only be a port |
| 219 | Protocol should be TCP or UDP |
| 220 | */ |
Skyler Grey | 06e9c2b | 2023-10-22 22:34:07 +0000 | [diff] [blame] | 221 | ProxyStream = external: internal: protocol: { |
| 222 | inherit external internal protocol; |
| 223 | haproxy = true; |
| 224 | }; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 225 | Stream = external: internal: protocol: { |
| 226 | inherit external internal protocol; |
Skyler Grey | 06e9c2b | 2023-10-22 22:34:07 +0000 | [diff] [blame] | 227 | haproxy = false; |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 228 | }; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 229 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 230 | Alias = host: alias: { |
| 231 | inherit host; |
| 232 | aliases = [ alias ]; |
| 233 | type = "aliases"; |
| 234 | }; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 235 | |
Skyler Grey | db1f1d9 | 2023-10-22 16:43:45 +0000 | [diff] [blame] | 236 | Aliases = host: aliases: { |
| 237 | inherit host aliases; |
| 238 | type = "aliases"; |
| 239 | }; |
Skyler Grey | c0a6247 | 2023-10-18 23:29:13 +0000 | [diff] [blame] | 240 | } |
| 241 | |