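# NixOS module for the host "public-access-proxy".
#
# It gives eth0 a static IPv4 address, enables the project-local
# `my.services.proxy` module (imported from ./proxy.nix) and opens TCP 80/443.
# The proxy's forwarding table is one hand-written entry plus one generated
# entry per NixOS configuration that has nginx enabled.
#
# Arguments used here:
#   hostRegistry         - attrset whose `hosts.<name>` entries may carry
#                          `ip6` and/or `ip4`.
#   nixosConfigurations  - all evaluated NixOS configurations, keyed by host.
#   lib                  - nixpkgs lib (for filterAttrs).
{ hostRegistry, nixosConfigurations, config, pkgs, lib, ... }:

{
  imports = [
    ./proxy.nix
    ./stats.nix
  ];

  networking.hostName = "public-access-proxy";
  networking.useNetworkd = true;
  networking.interfaces.eth0 = {
    ipv4.addresses = [{
      address = "172.20.73.45";
      prefixLength = 26;
    }];
  };
  networking.defaultGateway = "172.20.73.1";

  my.services.proxy = {
    enable = true;
    proxyHosts = [
      # Manual forwarding configurations
      {
        hostNames = [ "vps1.nixvita.de" "vps1.codetu.be" "nixvita.de" ];
        proxyTo.host = "172.20.73.51";
        # NOTE(review): "-m end" looks like a suffix-match flag consumed by the
        # matcher that ./proxy.nix generates (not visible here). If it is a
        # plain string-suffix comparison, every name that merely ends in one
        # of the strings above is forwarded to this backend, not only its
        # subdomains. Confirm the module anchors the match on a label
        # boundary, or list the names with a leading dot.
        matchArg = "-m end";
      }
    ] ++
    # Generated forwarding configurations from other nixosConfigurations
    #
    # Every virtual host name and every serverAlias of every configuration
    # with services.nginx.enable = true ends up in the forwarding table; only
    # the literal name "localhost" is dropped.
    # NOTE(review): this is opt-out by omission. A vhost added for internal
    # use on any of those hosts is forwarded by this proxy without any change
    # to this file. Consider an explicit per-vhost or per-host opt-in.
    map (host:
      let
        nixosConfig = nixosConfigurations.${host}.config;
        # `or { }` lets a host that is absent from the registry reach the
        # explicit `throw` below instead of failing with a bare
        # "attribute missing" evaluation error.
        registryEntry = hostRegistry.hosts.${host} or { };
      in {
        hostNames =
          builtins.filter (vhost: vhost != "localhost") (
            builtins.concatMap (vhost:
              let
                vhostConfig = nixosConfig.services.nginx.virtualHosts.${vhost};
              in [ vhost ] ++ vhostConfig.serverAliases
            ) (builtins.attrNames nixosConfig.services.nginx.virtualHosts)
          );
        # IPv6 is preferred when the registry has it (bracketed literal);
        # IPv4 is the fallback.
        proxyTo.host =
          if registryEntry ? ip6
          then "[${registryEntry.ip6}]"
          else if registryEntry ? ip4
          then registryEntry.ip4
          else throw "No known addresses for ${host}";
      }
    ) (builtins.attrNames (
      lib.filterAttrs (_: nixos:
        nixos.config.services.nginx.enable
      ) nixosConfigurations
    ));
  };

  # Only the two web ports are opened in the host firewall.
  networking.firewall.allowedTCPPorts = [ 80 443 ];

  # Marks the release whose stateful defaults this host was installed with;
  # it is not bumped on upgrades.
  system.stateVersion = "18.09";
}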