From eb8b51939413a933efc478f41a83f789fc796ba3 Mon Sep 17 00:00:00 2001
From: arcnmx <git@git.arcn.mx>
Date: Tue, 18 Jun 2024 16:52:49 -0700
Subject: [PATCH] fix(hass): nfandroidtv proxy

the service on the TV is unreliable, so proxy it with a fake success
response when offline to satisfy the home-assistant integration
---
 modules/nixos/nginx/listen.nix         |  4 +-
 modules/nixos/nginx/upstream.nix       |  3 +-
 modules/system/exports/nfandroidtv.nix | 16 ++++++
 nixos/access/nfandroidtv.nix           | 72 ++++++++++++++++++++++++++
 systems/tei/nixos.nix                  |  1 +
 5 files changed, 93 insertions(+), 3 deletions(-)
 create mode 100644 modules/system/exports/nfandroidtv.nix
 create mode 100644 nixos/access/nfandroidtv.nix

diff --git a/modules/nixos/nginx/listen.nix b/modules/nixos/nginx/listen.nix
index 5df2ff87..4545ac64 100644
--- a/modules/nixos/nginx/listen.nix
+++ b/modules/nixos/nginx/listen.nix
@@ -113,7 +113,7 @@ let
     lib,
     ...
   }: let
-    inherit (gensokyo-zone.lib) mkAlmostOptionDefault;
+    inherit (gensokyo-zone.lib) mkAlmostOptionDefault mkAddress6;
     inherit (lib.options) mkOption;
     inherit (lib.modules) mkIf mkOptionDefault mkForce;
     inherit (lib.attrsets) attrValues mapAttrs;
@@ -123,7 +123,7 @@ let
     enabledCfg = filter (port: port.enable) cfg;
     mkListen = listen: addr: let
       listenAttrs = {
-        inherit addr;
+        addr = mkAddress6 addr;
         inherit (listen) port ssl extraParameters proxyProtocol;
       };
     in
diff --git a/modules/nixos/nginx/upstream.nix b/modules/nixos/nginx/upstream.nix
index 3fecea5d..da5dd3c8 100644
--- a/modules/nixos/nginx/upstream.nix
+++ b/modules/nixos/nginx/upstream.nix
@@ -216,10 +216,11 @@ let
 
     config = let
       enabledServers = filterAttrs (_: server: server.enable) config.servers;
+      activeServers = filterAttrs (_: server: server.settings.backup or false == false) enabledServers;
       assertServers = v: assert enabledServers != {}; v;
     in {
       ssl.enable = mkIf (any (server: server.ssl.enable) (attrValues enabledServers)) (mkAlmostOptionDefault true);
-      defaultServerName = findSingle (_: true) null null (attrNames enabledServers);
+      defaultServerName = findSingle (_: true) null null (attrNames activeServers);
       upstreamConfig = mkMerge (
         mapAttrsToList (_: server: mkIf server.enable server.serverDirective) config.servers
         ++ [config.extraConfig]
diff --git a/modules/system/exports/nfandroidtv.nix b/modules/system/exports/nfandroidtv.nix
new file mode 100644
index 00000000..f5db0476
--- /dev/null
+++ b/modules/system/exports/nfandroidtv.nix
@@ -0,0 +1,16 @@
+{
+  lib,
+  gensokyo-zone,
+  ...
+}: let
+  inherit (gensokyo-zone.lib) mkAlmostOptionDefault;
+in {
+  config.exports.services.nfandroidtv = {config, ...}: {
+    displayName = mkAlmostOptionDefault "Notifications for Android TV";
+    ports.default = {
+      port = mkAlmostOptionDefault 7676;
+      protocol = "http";
+      #status.enable = mkAlmostOptionDefault true;
+    };
+  };
+}
diff --git a/nixos/access/nfandroidtv.nix b/nixos/access/nfandroidtv.nix
new file mode 100644
index 00000000..2ae382e1
--- /dev/null
+++ b/nixos/access/nfandroidtv.nix
@@ -0,0 +1,72 @@
+{
+  config,
+  system,
+  lib,
+  ...
+}: let
+  inherit (lib.modules) mkIf mkDefault;
+  inherit (config.services) nginx;
+  inherit (system.exports.services) nfandroidtv;
+  upstreamName = "nfandroidtv'bedroom";
+in {
+  config.services.nginx = {
+    vouch.enable = true;
+    upstreams'.${upstreamName}.servers = {
+      android = {
+        settings.fail_timeout = mkDefault "5s";
+        addr = mkDefault "10.1.1.67";
+        port = mkDefault nfandroidtv.ports.default.port;
+        /*accessService = {
+          system = "bedroomtv";
+          name = "nfandroidtv";
+        };*/
+      };
+      fallback = let
+        virtualHost = nginx.virtualHosts.nfandroidtv'fallback;
+        listen = virtualHost.listen'.nfandroidtv;
+      in {
+        addr = mkDefault listen.addr;
+        port = mkDefault listen.port;
+        settings.backup = mkDefault true;
+      };
+    };
+    virtualHosts = let
+      locations = {
+        "/" = {
+          proxy.enable = true;
+        };
+      };
+      name.shortServer = mkDefault nfandroidtv.id;
+      listen'.nfandroidtv = {
+        port = nfandroidtv.ports.default.port;
+        extraParameters = ["default_server"];
+      };
+    in {
+      nfandroidtv'local = {
+        inherit name locations listen';
+        local.enable = true;
+        proxy.upstream = mkDefault upstreamName;
+      };
+      nfandroidtv'fallback = {
+        serverName = "@nfandroidtv_fallback";
+        locations."/" = {
+          extraConfig = ''
+            add_header Content-Type 'text/html';
+            return 200 'OK';
+          '';
+        };
+        listen'.nfandroidtv = {
+          addr = "127.0.0.1";
+          port = 7677;
+          extraParameters = ["default_server"];
+        };
+      };
+    };
+  };
+  config.networking.firewall.interfaces.lan = let
+    virtualHost = nginx.virtualHosts.nfandroidtv'local;
+    listen = virtualHost.listen'.nfandroidtv;
+  in mkIf (virtualHost.enable && listen.enable) {
+    allowedTCPPorts = [ listen.port ];
+  };
+}
diff --git a/systems/tei/nixos.nix b/systems/tei/nixos.nix
index 2c321ad0..1c2dfc6f 100644
--- a/systems/tei/nixos.nix
+++ b/systems/tei/nixos.nix
@@ -19,6 +19,7 @@ in {
     nixos.access.zigbee2mqtt
     nixos.access.grocy
     nixos.access.barcodebuddy
+    nixos.access.nfandroidtv
     nixos.home-assistant
     nixos.zigbee2mqtt
     nixos.syncplay