rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
pantheon/nix/lib/services.nix

60 lines
2 KiB
Nix
Raw Blame History

{ config, lib, ... }:
let
inherit (builtins) length concatStringsSep;
inherit (lib.options) mkEnableOption;
inherit (lib.strings) splitString;
inherit (lib.lists) singleton;
inherit (lib.modules) mkMerge mkIf;
inherit (cfg.lib.options) mkStrOption mkPortOption mkAttrOption;
inherit (cfg.lib.lists) shortenList;
cfg = config.flake;
in
{
flake.lib.services = rec {
splitDomain = domain: splitString "." domain;
isRootDomain = domain: length (splitDomain domain) <= 2;
mkRootDomain = domain: concatStringsSep "." (shortenList 2 (splitDomain domain));
mkWildcardDomain = rootDomain: concatStringsSep "." ((singleton "*") ++ (splitDomain rootDomain));
mkHost = domain: if isRootDomain domain then domain else mkWildcardDomain (mkRootDomain domain);
mkWebApp =
{
name,
defaultPort,
persistDirs ? [ ],
serviceConfig ? { },
extraOptions ? { },
}:
let
cfg = config.server.web-apps.${name};
in
{
options.server.web-apps.${name} = {
enable = mkEnableOption "";
port = mkPortOption defaultPort;
domain = mkStrOption "";
openFirewall = mkEnableOption "";
extraCfg = mkAttrOption { };
} // extraOptions;
config = mkIf cfg.enable (mkMerge [
{
inherit persistDirs;
networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = singleton cfg.port; };
}
(mkIf (cfg.domain != "") {
assertions = singleton {
assertion = config.server.web-servers.nginx.enable;
message = "You must enable a web server if you want to set server.web-apps.${name}.domain.";
};
server.networking.ddns.domains = singleton (mkRootDomain cfg.domain);
server.web-servers.nginx.proxies = singleton {
source = cfg.domain;
target = "http://${config.hostname}:${toString cfg.port}";
};
})
serviceConfig
cfg.extraCfg
]);
};
};
}
Reference in a new issue View git blame Copy permalink