nixos-config/configs/nixos/plover/modules/services/wezterm-mux-server.nix
Gabriel Arazas 0760acb676
configs: consolidate NixOS and home-manager config into one configs folder
Now we're going beyond this structuring, as we might have to accommodate
non-system configurations like Nixvim.
2024-01-15 07:45:43 +08:00


{ config, lib, pkgs, ... }:

# Wezterm mux server for the "plover" host, intended to be reached through
# Wezterm TLS domains. The module:
#   - renders the Lua config with the listen address substituted in,
#   - hands the ACME certificate files to the unit as systemd credentials,
#   - restarts the unit after each ACME run for the domain,
#   - optionally fronts the server with an nginx stream (TCP) proxy.
let
  plover = config.hosts.plover;
  muxCfg = plover.services.wezterm-mux-server;

  muxPort = 9801;
  muxDomain = "mux.${config.networking.domain}";

  # The mux server itself only listens on localhost.
  muxListen = "localhost:${toString muxPort}";

  # config.lua is a template; `listen_address` is the only value filled in here.
  muxConfigFile = pkgs.substituteAll {
    src = ../../config/wezterm/config.lua;
    listen_address = muxListen;
  };

  # Directory where the ACME module keeps the files for this certificate.
  acmeCertDir = config.security.acme.certs."${muxDomain}".directory;

  # Build one `LoadCredential=` entry of the form "<name>:<certDir>/<name>".
  asCredential = file: "${file}:${acmeCertDir}/${file}";
in
{
  options.hosts.plover.services.wezterm-mux-server.enable =
    lib.mkEnableOption "Wezterm mux server setup";

  config = lib.mkIf muxCfg.enable (lib.mkMerge [
    {
      services.wezterm-mux-server = {
        enable = true;
        configFile = muxConfigFile;
      };

      systemd.services.wezterm-mux-server = {
        # NOTE(review): `requires` pulls the ACME target in but does not order
        # this unit after it. If ordering is ever added, check it against the
        # blocking `systemctl restart` in postRun below.
        requires = [ "acme-finished-${muxDomain}.target" ];
        environment.WEZTERM_LOG = "info";

        # The private key and certificates are passed with LoadCredential, so
        # systemd reads them on the unit's behalf and the service account does
        # not need read access to the ACME directory. Presumably config.lua
        # picks them up from the credentials directory; verify against the
        # template.
        serviceConfig.LoadCredential = map asCredential [
          "key.pem"
          "cert.pem"
          "fullchain.pem"
        ];
      };

      # Credentials are loaded when the unit starts, so a renewed certificate
      # only takes effect after a restart. Note that a restart is more
      # disruptive than a reload for anything attached to the unit.
      security.acme.certs."${muxDomain}".postRun = ''
        systemctl restart wezterm-mux-server.service
      '';
    }

    # TODO: where mux.foodogsquared.one setup
    #
    # Plain TCP pass-through: the stream block carries no `ssl` directives, so
    # nginx forwards the bytes unchanged and TLS is left to the mux server
    # (assumed from the "TLS domains" setup; confirm in config.lua).
    #
    # `listen` with a bare port binds the wildcard address, which publishes the
    # mux port beyond loopback. Nothing in this file opens the firewall or
    # limits source addresses; confirm where that is handled.
    #
    # NOTE(review): nginx (wildcard) and the mux server (localhost) both use
    # the same port number; confirm the two listeners do not collide on this
    # host.
    (lib.mkIf plover.services.reverse-proxy.enable {
      services.nginx.streamConfig = ''
        upstream wezterm {
        server ${muxListen};
        }
        server {
        listen ${toString muxPort};
        proxy_pass wezterm;
        }
      '';
    })
  ]);
}