diff --git a/modules/system/exports/fluidd.nix b/modules/system/exports/fluidd.nix deleted file mode 100644 index b78aa194..00000000 --- a/modules/system/exports/fluidd.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ - config, - lib, - gensokyo-zone, - ... -}: let - inherit (gensokyo-zone.lib) mkAlmostOptionDefault; - inherit (lib.modules) mkIf; - systemConfig = config; -in { - config.exports.services.fluidd = {config, ...}: { - displayName = mkAlmostOptionDefault "Fluidd"; - id = mkAlmostOptionDefault "print"; - nixos = { - serviceAttr = "fluidd"; - assertions = let - mkAssertion = f: nixosConfig: let - cfg = nixosConfig.services.fluidd; - in - f nixosConfig cfg; - in - mkIf config.enable [ - (mkAssertion (nixosConfig: cfg: { - assertion = config.ports.default.port == nixosConfig.services.nginx.proxied.listenPort; - message = "port mismatch"; - })) - ]; - }; - defaults.port.listen = mkAlmostOptionDefault "lan"; - ports = { - default = { - port = mkAlmostOptionDefault systemConfig.exports.services.nginx.ports.proxied.port; - protocol = "http"; - status = { - enable = mkAlmostOptionDefault true; - gatus.settings.headers.Host = mkAlmostOptionDefault "fluidd_internal"; - }; - prometheus.exporter.enable = mkAlmostOptionDefault true; - }; - }; - }; -} diff --git a/nixos/access/kitchencam.nix b/nixos/access/kitchencam.nix index 18710a08..a61115d9 100644 --- a/nixos/access/kitchencam.nix +++ b/nixos/access/kitchencam.nix @@ -23,7 +23,7 @@ in { portName = "stream"; }; mkSubFilter = port: '' - sub_filter '${port.protocol}://kitchen.local.gensokyo.zone:${toString port.port}/' '/'; + sub_filter '${port.protocol}://$host:${toString port.port}/' '/'; ''; extraConfig = '' proxy_redirect off; diff --git a/nixos/access/moonraker.nix b/nixos/access/moonraker.nix new file mode 100644 index 00000000..b4fdee21 --- /dev/null +++ b/nixos/access/moonraker.nix @@ -0,0 +1,110 @@ +{ + config, + lib, + ... +}: let + inherit (lib.modules) mkIf mkMerge mkAfter mkDefault; + name.shortServer = mkDefault "print"; + upstreamName = "moonraker'access"; + upstreamNameMotion = "moonraker'motion"; + inherit (config.services) fluidd; + cfg = config.services.moonraker; +in { + config.services.nginx = { + upstreams'.${upstreamName} = { + servers = { + local = { + enable = mkDefault cfg.enable; + addr = mkDefault "localhost"; + port = mkIf cfg.enable (mkDefault cfg.port); + }; + service = {upstream, ...}: { + enable = mkIf upstream.servers.local.enable (mkDefault false); + accessService = { + name = "moonraker"; + }; + }; + }; + }; + upstreams'.${upstreamNameMotion} = { + servers.service = { + accessService = { + name = "motion"; + port = "stream"; + }; + }; + }; + virtualHosts = let + copyFromVhost = mkDefault "moonraker"; + root = "${fluidd.package}/share/fluidd/htdocs"; + locations = { + "/" = { + inherit root; + index = "index.html"; + tryFiles = "$uri $uri/ @moonraker"; + # XXX: gzip filter failed to use preallocated memory: 350272 of 336176 + extraConfig = '' + gzip off; + ''; + }; + "/index.html" = { + inherit root; + headers.set.Cache-Control = "no-store, no-cache, must-revalidate"; + }; + "/webcam" = { + proxy = { + enable = true; + upstream = upstreamNameMotion; + path = "/2/stream"; + }; + extraConfig = '' + proxy_buffering off; + set $args ""; + ''; + }; + "/websocket" = { + proxy = { + enable = true; + websocket.enable = true; + }; + }; + # TODO: "~ ^/(printer|api|access|machine|server)/" ? + "@moonraker" = { + proxy = { + enable = true; + path = mkDefault ""; + # TODO: path = mkDefault "$request_uri"; + }; + }; + }; + in { + moonraker = { + inherit name; + locations = mkMerge [ + locations + { + "/index.html".vouch.requireAuth = true; + "/webcam".vouch.requireAuth = true; + "/websocket".vouch.requireAuth = true; + "@moonraker".vouch.requireAuth = true; + } + ]; + proxy.upstream = mkDefault upstreamName; + vouch = { + enable = mkDefault true; + requireAuth = false; + }; + }; + moonraker'local = { + inherit name locations; + ssl.cert = { + inherit copyFromVhost; + }; + proxy = { + inherit copyFromVhost; + }; + local.enable = mkDefault true; + }; + }; + }; +} diff --git a/systems/hakurei/nixos.nix b/systems/hakurei/nixos.nix index 09cc4f5f..61294b50 100644 --- a/systems/hakurei/nixos.nix +++ b/systems/hakurei/nixos.nix @@ -42,7 +42,7 @@ in { nixos.access.grafana nixos.access.loki nixos.access.kitchencam - nixos.access.fluidd + nixos.access.moonraker nixos.access.openwebrx nixos.access.deluge nixos.access.home-assistant @@ -269,10 +269,10 @@ in { }; print = { inherit (nginx) group; - domain = virtualHosts.fluidd.serverName; + domain = virtualHosts.moonraker.serverName; extraDomainNames = mkMerge [ - virtualHosts.fluidd.otherServerNames - virtualHosts.fluidd'local.allServerNames + virtualHosts.moonraker.otherServerNames + virtualHosts.moonraker'local.allServerNames ]; }; webrx = { @@ -405,7 +405,7 @@ in { }; }; kitchencam.ssl.cert.enable = true; - fluidd.ssl.cert.enable = true; + moonraker.ssl.cert.enable = true; openwebrx.ssl.cert.enable = true; deluge.ssl.cert.enable = true; invidious = { diff --git a/systems/logistics/default.nix b/systems/logistics/default.nix index 7ac9c4e1..c4500e94 100644 --- a/systems/logistics/default.nix +++ b/systems/logistics/default.nix @@ -6,17 +6,13 @@ _: { ]; exports = { services = { - nginx = { - enable = true; - ports.proxied.enable = true; - }; + nginx.enable = true; motion = { id = "kitchen"; enable = true; ports.stream.port = 41081; }; moonraker.enable = true; - fluidd.enable = true; }; }; network.networks = { diff --git a/systems/logistics/nixos.nix b/systems/logistics/nixos.nix index c51a2b19..29bcd38a 100644 --- a/systems/logistics/nixos.nix +++ b/systems/logistics/nixos.nix @@ -20,7 +20,6 @@ in { nixos.cameras.logistics-webcam nixos.klipper nixos.moonraker - nixos.fluidd ./hardware-configuration.nix ];