fix(nginx): proxied listen

2026-02-09 12:29:19 -08:00 · 2024-04-29 12:01:35 -07:00 · 2024-04-29 12:01:35 -07:00 · f9b02a03a4
commit f9b02a03a4
parent f2c7178486
18 changed files with 185 additions and 90 deletions
--- a/systems/utsuho/default.nix
+++ b/systems/utsuho/default.nix
@ -10,7 +10,10 @@ _: {
  exports = {
    services = {
      sshd.enable = true;
-      nginx.enable = true;
+      nginx = {
+        enable = true;
+        ports.proxied.enable = true;
+      };
      unifi.enable = true;
      mosquitto.enable = true;
      dnsmasq.enable = true;
--- a/systems/utsuho/nixos.nix
+++ b/systems/utsuho/nixos.nix
@ -18,18 +18,13 @@ in {
  ];

  services.cloudflared = let
-    inherit (nginx) virtualHosts defaultHTTPListenPort;
+    inherit (nginx) virtualHosts;
    tunnelId = "28bcd3fc-3467-4997-806b-546ba9995028";
-    localNginx = "http://localhost:${toString defaultHTTPListenPort}";
  in {
    tunnels.${tunnelId} = {
      default = "http_status:404";
      credentialsFile = config.sops.secrets.cloudflared-tunnel-utsuho.path;
-      ingress = {
-        ${virtualHosts.unifi.serverName} = {
-          service = localNginx;
-        };
-      };
+      ingress = virtualHosts.unifi.proxied.cloudflared.getIngress {};
    };
  };