From ba7f32ddcb44b94a5b8973fe76a18e2aa9b5b6eb Mon Sep 17 00:00:00 2001
From: arcnmx <git@git.arcn.mx>
Date: Mon, 22 Jan 2024 14:13:49 -0800
Subject: [PATCH] refactor(nginx): websocket proxy settings

---
 modules/nixos/nginx-websocket.nix | 34 +++++++++++++++++++++++++++++++
 nixos/access/plex.nix             | 16 +++++++--------
 nixos/access/proxmox.nix          |  6 +++---
 nixos/access/zigbee2mqtt.nix      | 22 +++++++-------------
 4 files changed, 52 insertions(+), 26 deletions(-)
 create mode 100644 modules/nixos/nginx-websocket.nix

diff --git a/modules/nixos/nginx-websocket.nix b/modules/nixos/nginx-websocket.nix
new file mode 100644
index 00000000..5e99af60
--- /dev/null
+++ b/modules/nixos/nginx-websocket.nix
@@ -0,0 +1,34 @@
+{
+  lib,
+  ...
+}: let
+  inherit (lib.modules) mkIf;
+  inherit (lib.options) mkOption mkEnableOption;
+  wsModule = { config, ... }: {
+    options = with lib.types; {
+      proxy.websocket.enable = mkEnableOption "websocket proxy";
+    };
+    config = mkIf config.proxy.websocket.enable {
+      extraConfig = ''
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+      '';
+    };
+  };
+  hostModule = { config, ... }: {
+    imports = [ wsModule ];
+
+    options = with lib.types; {
+      locations = mkOption {
+        type = attrsOf (submodule wsModule);
+      };
+    };
+  };
+in {
+  options = with lib.types; {
+    services.nginx.virtualHosts = mkOption {
+      type = attrsOf (submodule hostModule);
+    };
+  };
+}
diff --git a/nixos/access/plex.nix b/nixos/access/plex.nix
index eb07de08..8da2effd 100644
--- a/nixos/access/plex.nix
+++ b/nixos/access/plex.nix
@@ -4,7 +4,7 @@
   ...
 }: let
   inherit (lib.options) mkOption;
-  inherit (lib.modules) mkIf;
+  inherit (lib.modules) mkIf mkOptionDefault;
   cfg = config.services.plex;
   access = config.services.nginx.access.plex;
 in {
@@ -23,7 +23,7 @@ in {
   };
   config.services.nginx = {
     access.plex = mkIf cfg.enable {
-      url = "http://localhost:32400";
+      url = mkOptionDefault "http://localhost:32400";
     };
     virtualHosts = let
       extraConfig = ''
@@ -46,18 +46,18 @@ in {
         proxy_redirect off;
         proxy_buffering off;
       '';
+      location = {
+        proxy.websocket.enable = true;
+        proxyPass = access.url;
+      };
     in {
       ${access.domain} = {
-        locations."/" = {
-          proxyPass = access.url;
-        };
+        locations."/" = location;
         inherit extraConfig;
       };
       ${access.localDomain} = {
         local.enable = true;
-        locations."/" = {
-          proxyPass = access.url;
-        };
+        locations."/" = location;
         inherit extraConfig;
       };
     };
diff --git a/nixos/access/proxmox.nix b/nixos/access/proxmox.nix
index 7d20beaa..fad1a965 100644
--- a/nixos/access/proxmox.nix
+++ b/nixos/access/proxmox.nix
@@ -59,12 +59,10 @@ in {
       '';
     };
     locations."/prox/api2/" = {
+      proxy.websocket.enable = true;
       proxyPass = "${proxyPass}api2/";
       extraConfig = ''
         internal;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
       '';
     };
   };
@@ -73,6 +71,7 @@ in {
     forceSSL = mkDefault true;
     inherit sslCertificate sslCertificateKey;
     locations."/" = {
+      proxy.websocket.enable = true;
       inherit proxyPass;
     };
   };
@@ -80,6 +79,7 @@ in {
     local.enable = mkDefault true;
     inherit sslCertificate sslCertificateKey;
     locations."/" = {
+      proxy.websocket.enable = true;
       inherit proxyPass;
     };
   };
diff --git a/nixos/access/zigbee2mqtt.nix b/nixos/access/zigbee2mqtt.nix
index 75331c85..11bbacc7 100644
--- a/nixos/access/zigbee2mqtt.nix
+++ b/nixos/access/zigbee2mqtt.nix
@@ -8,12 +8,10 @@ let
   inherit (lib.modules) mkIf mkDefault mkOptionDefault;
   cfg = config.services.zigbee2mqtt;
   access = config.services.nginx.access.zigbee2mqtt;
-  proxyPass = mkDefault "http://${access.host}:${toString access.port}";
-  extraConfig = ''
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_http_version 1.1;
-  '';
+  location = {
+    proxy.websocket.enable = true;
+    proxyPass = mkDefault "http://${access.host}:${toString access.port}";
+  };
 in {
   options.services.nginx.access.zigbee2mqtt = with lib.types; {
     host = mkOption {
@@ -41,21 +39,15 @@ in {
     virtualHosts = {
       ${access.domain} = {
         vouch.enable = true;
-        locations."/" = {
-          inherit proxyPass extraConfig;
-        };
+        locations."/" = location;
       };
       ${access.localDomain} = {
         local.enable = true;
-        locations."/" = {
-          inherit proxyPass extraConfig;
-        };
+        locations."/" = location;
       };
       "z2m.tail.${config.networking.domain}" = mkIf config.services.tailscale.enable {
         local.enable = true;
-        locations."/" = {
-          inherit proxyPass extraConfig;
-        };
+        locations."/" = location;
       };
     };
   };