foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-02-12 06:19:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

hosts/plover: update private network hosting for various applications

Browse Source
This commit is contained in:
Gabriel Arazas 2023-01-23 00:30:08 +08:00
parent 4b377e527a
commit 657ee2098d
3 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/plover/modules/hardware/networks.nix
View File

@ -33,8 +33,4 @@ rec {
wireguardIPv6 = "fdee:b0de:54e6:ae74::"; wireguardIPv6 = "fdee:b0de:54e6:ae74::";
wireguardIPv6LengthPrefix = 64; wireguardIPv6LengthPrefix = 64;
wireguardPort = 51820; wireguardPort = 51820;
# Applications that are supposed to be internal.
atuinHostIP = privateNetworkHostPart 3;
keycloakHost = privateNetworkHostPart 4;
} }

8
hosts/plover/modules/services/atuin.nix
View File

@ -4,9 +4,9 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
atuinDomain = "atuin.${config.networking.domain}"; inherit (import ../hardware/networks.nix) preferredInternalTLD privateIP';
inherit (import ../hardware/networks.nix) atuinHost; atuinDomain = "atuin.${config.networking.domain}.${preferredInternalTLD}";
in in
{ {
# Atuin sync server because why not. # Atuin sync server because why not.
@ -15,7 +15,7 @@ in
openFirewall = true; openFirewall = true;
openRegistration = false; openRegistration = false;
host = atuinHost; host = privateIP';
port = 8965; port = 8965;
}; };
@ -32,8 +32,6 @@ in
# Putting it altogether in the reverse proxy of choice. # Putting it altogether in the reverse proxy of choice.
services.nginx.virtualHosts."${atuinDomain}" = { services.nginx.virtualHosts."${atuinDomain}" = {
forceSSL = true;
enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:${toString config.services.atuin.port}"; proxyPass = "http://localhost:${toString config.services.atuin.port}";
}; };

6
hosts/plover/modules/services/keycloak.nix
View File

@ -2,7 +2,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
inherit (import ../hardware/networks.nix) keycloakHost; inherit (import ../hardware/networks.nix) privateIP';
authDomain = "auth.${config.networking.domain}"; authDomain = "auth.${config.networking.domain}";
@ -27,7 +27,7 @@ in
}; };
settings = { settings = {
host = keycloakHost; host = privateIP';
db-schema = keycloakDbName; db-schema = keycloakDbName;
@ -75,7 +75,7 @@ in
# This is based from the reverse proxy guide from the official # This is based from the reverse proxy guide from the official
# documentation at https://www.keycloak.org/server/reverseproxy. # documentation at https://www.keycloak.org/server/reverseproxy.
locations = let locations = let
keycloakPath = path: "http://${keycloakHost}:${toString config.services.keycloak.settings.http-port}"; keycloakPath = path: "http://${privateIP'}:${toString config.services.keycloak.settings.http-port}";
in in
lib.listToAttrs lib.listToAttrs
(lib.lists.map (lib.lists.map