gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(nginx): upstream host option

Browse source
This commit is contained in:
arcnmx 2024-04-27 11:44:58 -07:00
parent b1676079ef
commit c2c8cadc2e
5 changed files with 45 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

9
modules/nixos/nginx/proxy.nix
View file

@ -51,6 +51,7 @@ let
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.modules) mkIf mkMerge mkBefore mkOptionDefault;
inherit (lib.attrsets) filterAttrs mapAttrsToList;
inherit (lib.lists) optional;
inherit (lib.strings) hasPrefix removeSuffix optionalString concatStringsSep;
inherit (lib.trivial) mapNullable;
inherit (nixosConfig.services) nginx;
@ -125,7 +126,8 @@ let
upstream = nginx.upstreams'.${cfg.upstream};
upstreamServer = upstream.servers.${upstream.defaultServerName};
dynamicUpstream = hasPrefix "$" cfg.upstream;
hasUpstream = cfg.upstream != null && !dynamicUpstream && upstream.defaultServerName != null;
hasUpstream = cfg.upstream != null && !dynamicUpstream;
hasUpstreamServer = upstream.defaultServerName != null;
recommendedHeaders = {
Host = if cfg.host == null then xvars.get.proxy_hostport else cfg.host;
Referer = xvars.get.referer;
@ -139,6 +141,7 @@ let
http = 80;
https = 443;
}.${cfg.parsed.scheme} or (throw "unsupported proxy_scheme ${toString cfg.parsed.scheme}");
upstreamHost = coalesce ([ upstream.host ] ++ optional hasUpstreamServer upstreamServer.addr);
port = coalesce [ cfg.parsed.port schemePort ];
hostport = cfg.parsed.host + optionalString (port != schemePort) ":${toString port}";
initProxyVars = let
@ -239,11 +242,11 @@ let
mapNullable (_: url.path) config.proxyPass
);
host = mkOptionDefault (
if hasUpstream then assert url.host == upstream.name; upstreamServer.addr
if hasUpstream then assert url.host == upstream.name; upstreamHost
else mapNullable (_: url.host) config.proxyPass
);
port = mkOptionDefault (
if hasUpstream && url.port == null then assert url.host == upstream.name; upstreamServer.port
if hasUpstream && hasUpstreamServer && url.port == null then assert url.host == upstream.name; upstreamServer.port
else mapNullable (_: url.port) config.proxyPass
);
};

5
modules/nixos/nginx/upstream.nix
View file

@ -149,6 +149,10 @@ let
servers = mkOption {
type = attrsOf upstreamServer;
};
host = mkOption {
type = nullOr str;
default = null;
};
ssl = {
enable = mkEnableOption "ssl upstream";
host = mkOption {
@ -276,6 +280,7 @@ let
enable = mkAlmostOptionDefault (if hasUpstream then proxyUpstream.ssl.enable else false);
host = mkIf hasUpstream (mkAlmostOptionDefault proxyUpstream.ssl.host);
};
host = mkIf (hasUpstream && proxyUpstream.host != null) (mkAlmostOptionDefault proxyUpstream.host);
};
};
};

2
modules/nixos/nginx/vouch.nix
View file

@ -261,7 +261,7 @@ in {
then "localhost"
else listen;
in {
# TODO: serviceAccess.exportedId = "login";
# TODO: accessService.exportedId = "login";
enable = mkAlmostOptionDefault vouch-proxy.enable;
port = mkIf vouch-proxy.enable (mkOptionDefault port);
addr = mkIf vouch-proxy.enable (mkAlmostOptionDefault host);