2021-10-06 21:55:43 +02:00
|
|
|
{ hostRegistry, nixosConfigurations, config, pkgs, lib, ... }:
|
2019-03-31 21:46:51 +02:00
|
|
|
|
|
|
|
{
|
2021-02-22 11:45:12 +01:00
|
|
|
imports = [
|
|
|
|
./proxy.nix
|
2021-09-09 18:21:38 +02:00
|
|
|
./stats.nix
|
2021-02-22 11:45:12 +01:00
|
|
|
];
|
2019-03-31 21:46:51 +02:00
|
|
|
|
|
|
|
networking.hostName = "public-access-proxy";
|
2019-06-22 15:05:13 +02:00
|
|
|
networking.useNetworkd = true;
|
2020-05-22 19:07:07 +02:00
|
|
|
networking.interfaces.eth0 = {
|
2021-02-22 11:45:12 +01:00
|
|
|
ipv4.addresses = [{
|
|
|
|
address = "172.20.73.45";
|
|
|
|
prefixLength = 26;
|
|
|
|
}];
|
2020-05-22 19:07:07 +02:00
|
|
|
};
|
|
|
|
networking.defaultGateway = "172.20.73.1";
|
2019-03-31 21:46:51 +02:00
|
|
|
|
2019-04-01 03:15:39 +02:00
|
|
|
my.services.proxy = {
|
2019-03-31 21:46:51 +02:00
|
|
|
enable = true;
|
|
|
|
proxyHosts = [
|
2021-10-06 21:55:43 +02:00
|
|
|
# Manual forwarding configurations
|
2021-06-23 21:26:51 +02:00
|
|
|
{
|
2021-09-03 20:49:02 +02:00
|
|
|
hostNames = [ "vps1.nixvita.de" "vps1.codetu.be" "nixvita.de" ];
|
2021-09-09 16:44:23 +02:00
|
|
|
proxyTo.host = "172.20.73.51";
|
2021-10-06 21:55:43 +02:00
|
|
|
matchArg = "-m end";
|
|
|
|
}
|
|
|
|
] ++
|
|
|
|
# Generated forwarding configurations from other nixosConfigurations
|
|
|
|
map (host:
|
|
|
|
let
|
|
|
|
nixosConfig = nixosConfigurations.${host}.config;
|
|
|
|
in {
|
|
|
|
hostNames =
|
|
|
|
builtins.filter (vhost: vhost != "localhost") (
|
|
|
|
builtins.concatMap (vhost:
|
|
|
|
let
|
|
|
|
vhostConfig = nixosConfig.services.nginx.virtualHosts.${vhost};
|
|
|
|
in [ vhost ] ++ vhostConfig.serverAliases
|
|
|
|
) (builtins.attrNames nixosConfig.services.nginx.virtualHosts)
|
|
|
|
);
|
|
|
|
proxyTo.host =
|
|
|
|
if hostRegistry.hosts.${host} ? ip6
|
|
|
|
then "[${hostRegistry.hosts.${host}.ip6}]"
|
|
|
|
else if hostRegistry.hosts.${host} ? ip4
|
|
|
|
then hostRegistry.hosts.${host}.ip4
|
|
|
|
else throw "No known addresses for ${host}";
|
|
|
|
}
|
|
|
|
) (builtins.attrNames (
|
|
|
|
lib.filterAttrs (_: nixos:
|
|
|
|
nixos.config.services.nginx.enable
|
|
|
|
) nixosConfigurations
|
|
|
|
));
|
2019-03-31 21:46:51 +02:00
|
|
|
};
|
|
|
|
|
2021-02-22 11:45:12 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
2019-03-31 21:46:51 +02:00
|
|
|
|
2021-09-09 16:44:23 +02:00
|
|
|
system.stateVersion = "18.09";
|
2019-03-31 21:46:51 +02:00
|
|
|
}
|