From 657ee2098d1cb8984bca401cac6d327b13ebbb54 Mon Sep 17 00:00:00 2001
From: Gabriel Arazas <foodogsquared@foodogsquared.one>
Date: Mon, 23 Jan 2023 00:30:08 +0800
Subject: [PATCH] hosts/plover: update private network hosting for various
 applications

---
 hosts/plover/modules/hardware/networks.nix | 4 ----
 hosts/plover/modules/services/atuin.nix    | 8 +++-----
 hosts/plover/modules/services/keycloak.nix | 6 +++---
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/hosts/plover/modules/hardware/networks.nix b/hosts/plover/modules/hardware/networks.nix
index 54d293c7..08b31f15 100644
--- a/hosts/plover/modules/hardware/networks.nix
+++ b/hosts/plover/modules/hardware/networks.nix
@@ -33,8 +33,4 @@ rec {
   wireguardIPv6 = "fdee:b0de:54e6:ae74::";
   wireguardIPv6LengthPrefix = 64;
   wireguardPort = 51820;
-
-  # Applications that are supposed to be internal.
-  atuinHostIP = privateNetworkHostPart 3;
-  keycloakHost = privateNetworkHostPart 4;
 }
diff --git a/hosts/plover/modules/services/atuin.nix b/hosts/plover/modules/services/atuin.nix
index 3e509aba..092d75fb 100644
--- a/hosts/plover/modules/services/atuin.nix
+++ b/hosts/plover/modules/services/atuin.nix
@@ -4,9 +4,9 @@
 { config, lib, pkgs, ... }:
 
 let
-  atuinDomain = "atuin.${config.networking.domain}";
+  inherit (import ../hardware/networks.nix) preferredInternalTLD privateIP';
 
-  inherit (import ../hardware/networks.nix) atuinHost;
+  atuinDomain = "atuin.${config.networking.domain}.${preferredInternalTLD}";
 in
 {
   # Atuin sync server because why not.
@@ -15,7 +15,7 @@ in
     openFirewall = true;
     openRegistration = false;
 
-    host = atuinHost;
+    host = privateIP';
     port = 8965;
   };
 
@@ -32,8 +32,6 @@ in
 
   # Putting it altogether in the reverse proxy of choice.
   services.nginx.virtualHosts."${atuinDomain}" = {
-    forceSSL = true;
-    enableACME = true;
     locations."/" = {
       proxyPass = "http://localhost:${toString config.services.atuin.port}";
     };
diff --git a/hosts/plover/modules/services/keycloak.nix b/hosts/plover/modules/services/keycloak.nix
index 14160ace..3672a82f 100644
--- a/hosts/plover/modules/services/keycloak.nix
+++ b/hosts/plover/modules/services/keycloak.nix
@@ -2,7 +2,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  inherit (import ../hardware/networks.nix) keycloakHost;
+  inherit (import ../hardware/networks.nix) privateIP';
 
   authDomain = "auth.${config.networking.domain}";
 
@@ -27,7 +27,7 @@ in
     };
 
     settings = {
-      host = keycloakHost;
+      host = privateIP';
 
       db-schema = keycloakDbName;
 
@@ -75,7 +75,7 @@ in
     # This is based from the reverse proxy guide from the official
     # documentation at https://www.keycloak.org/server/reverseproxy.
     locations = let
-      keycloakPath = path: "http://${keycloakHost}:${toString config.services.keycloak.settings.http-port}";
+      keycloakPath = path: "http://${privateIP'}:${toString config.services.keycloak.settings.http-port}";
     in
     lib.listToAttrs
       (lib.lists.map