From 9f5ebdba424ea021b085e3cad3f1ec1e1710f658 Mon Sep 17 00:00:00 2001 From: arcnmx Date: Fri, 9 Aug 2024 12:14:33 -0700 Subject: [PATCH] chore(access): bring back octoprint --- nixos/access/octoprint.nix | 60 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 nixos/access/octoprint.nix diff --git a/nixos/access/octoprint.nix b/nixos/access/octoprint.nix new file mode 100644 index 00000000..1d3d32a6 --- /dev/null +++ b/nixos/access/octoprint.nix @@ -0,0 +1,60 @@ +{ + config, + lib, + ... +}: let + inherit (lib.modules) mkIf mkDefault; + inherit (config.services) octoprint; + name.shortServer = mkDefault "print"; + upstreamName = "octoprint'access"; +in { + config.services.nginx = { + upstreams'.${upstreamName}.servers = { + local = { + enable = mkDefault octoprint.enable; + addr = mkDefault "localhost"; + port = mkIf octoprint.enable (mkDefault octoprint.port); + }; + service = {upstream, ...}: { + enable = mkIf upstream.servers.local.enable (mkDefault false); + accessService = { + name = "octoprint"; + # XXX: logistics doesn't listen on v6 + getAddressFor = "getAddress4For"; + }; + }; + }; + virtualHosts = let + copyFromVhost = mkDefault "octoprint"; + locations = { + "/" = { + proxy.enable = true; + }; + "/sockjs/" = { + proxy = { + enable = true; + websocket.enable = true; + }; + }; + # TODO: unprotect timelapse download links via vouch? may also need guest permissions... + # TODO: make a view alternate location prefix that changes content-type? + }; + in { + octoprint = { + inherit name locations; + proxy.upstream = mkDefault upstreamName; + vouch.enable = mkDefault true; + }; + octoprint'local = { + inherit name locations; + ssl.cert = { + inherit copyFromVhost; + }; + proxy = { + inherit copyFromVhost; + }; + local.enable = mkDefault true; + }; + }; + }; +}