gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-10 04:49:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
infrastructure/modules/system/exports/nginx.nix
arcnmx 45705650bb refactor: system -> systemConfig
2024-06-23 11:32:01 -07:00

68 lines
2 KiB
Nix
Raw Blame History

{
lib,
gensokyo-zone,
...
}: let
inherit (gensokyo-zone.lib) mapAlmostOptionDefaults mkAlmostOptionDefault;
inherit (lib.modules) mkIf;
inherit (lib.attrsets) mapAttrs;
in {
config.exports.services.nginx = {
config,
systemConfig,
...
}: let
mkAssertion = f: nixosConfig: let
cfg = nixosConfig.services.nginx;
in
f nixosConfig cfg;
assertPorts = nixosConfig: cfg: {
assertion = config.ports.http.port == cfg.defaultHTTPListenPort && config.ports.https.port == cfg.defaultSSLListenPort;
message = "ports mismatch";
};
assertProxied = nixosConfig: cfg: {
assertion = config.ports.proxied.enable == cfg.proxied.enable;
message = "proxied mismatch";
};
assertProxiedPort = nixosConfig: cfg: {
assertion = !config.ports.proxied.enable || config.ports.proxied.port == cfg.proxied.listenPort;
message = "proxied.port mismatch";
};
in {
displayName = mkAlmostOptionDefault "NGINX/${systemConfig.name}";
nixos = {
serviceAttr = "nginx";
assertions = mkIf config.enable (map mkAssertion [
assertPorts
assertProxied
assertProxiedPort
]);
};
defaults.port.listen = mkAlmostOptionDefault "lan";
ports = {
http = {
port = mkAlmostOptionDefault 80;
protocol = "http";
status = {
enable = mkAlmostOptionDefault true;
gatus.http.statusCondition = mkAlmostOptionDefault "[STATUS] == any(200, 404)";
};
};
https = {
enable = mkAlmostOptionDefault false;
port = mkAlmostOptionDefault 443;
protocol = "https";
status = {
enable = mkAlmostOptionDefault config.ports.http.status.enable;
gatus.http.statusCondition = mkAlmostOptionDefault config.ports.http.status.gatus.http.statusCondition;
};
};
proxied = {
enable = mkAlmostOptionDefault false;
port = mkAlmostOptionDefault 9080;
protocol = "http";
listen = "lan";
};
};
};
}
Reference in a new issue View git blame Copy permalink