gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(nginx): proxy options

Browse source
This commit is contained in:
arcnmx 2024-04-18 10:40:35 -07:00
parent c3f3fe1fed
commit 02508ecbd3
18 changed files with 638 additions and 424 deletions
Download patch file Download diff file Expand all files Collapse all files

27
nixos/access/unifi.nix
View file

@ -6,6 +6,7 @@
}: let
inherit (lib.modules) mkDefault;
inherit (config.services) nginx;
cfg = config.services.unifi;
in {
config.services.nginx = {
virtualHosts = let
@ -13,24 +14,34 @@ in {
proxy_redirect off;
proxy_buffering off;
'';
locations = {
"/" = {
proxy.enable = true;
};
"/wss/" = {
proxy = {
enable = true;
websocket.enable = true;
};
};
};
name.shortServer = mkDefault "unifi";
kTLS = mkDefault true;
in {
unifi = {
inherit name extraConfig kTLS;
inherit name extraConfig kTLS locations;
vouch.enable = mkDefault true;
ssl.force = mkDefault true;
locations."/" = {
proxyPass = mkDefault (access.proxyUrlFor { serviceName = "unifi"; portName = "management"; });
};
proxy.url = mkDefault (if cfg.enable
then "https://localhost:8443"
else access.proxyUrlFor { serviceName = "unifi"; portName = "management"; }
);
};
unifi'local = {
inherit name extraConfig kTLS;
inherit name extraConfig kTLS locations;
ssl.cert.copyFromVhost = "unifi";
local.enable = true;
locations."/" = {
proxyPass = mkDefault nginx.virtualHosts.unifi.locations."/".proxyPass;
};
proxy.url = mkDefault nginx.virtualHosts.unifi.proxy.url;
};
};
};