69 lines
1.9 KiB
Nix
69 lines
1.9 KiB
Nix
{ zentralwerk, hostRegistry, nixosConfigurations, config, pkgs, lib, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./proxy.nix
|
|
./stats.nix
|
|
];
|
|
|
|
networking.hostName = "public-access-proxy";
|
|
networking.useNetworkd = true;
|
|
networking.interfaces.eth0 = {
|
|
ipv4.addresses = [{
|
|
address = "172.20.73.45";
|
|
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
|
}];
|
|
};
|
|
networking.defaultGateway = "172.20.73.1";
|
|
|
|
my.services.proxy = {
|
|
enable = true;
|
|
proxyHosts = [
|
|
# Manual forwarding configurations
|
|
{
|
|
hostNames = [ "vps1.nixvita.de" "vps1.codetu.be" "nixvita.de" ];
|
|
proxyTo.host = "172.20.73.51";
|
|
matchArg = "-m end";
|
|
}
|
|
{
|
|
hostNames = [ "jabber.c3d2.de" ];
|
|
proxyTo = {
|
|
host = hostRegistry.hosts.jabber.ip4;
|
|
httpPort = 5820;
|
|
httpsPort = 5821;
|
|
};
|
|
matchArg = "-m end";
|
|
}
|
|
] ++
|
|
# Generated forwarding configurations from other nixosConfigurations
|
|
map (host:
|
|
let
|
|
nixosConfig = nixosConfigurations."${host}".config;
|
|
in {
|
|
hostNames =
|
|
builtins.filter (vhost: vhost != "localhost") (
|
|
builtins.concatMap (vhost:
|
|
let
|
|
vhostConfig = nixosConfig.services.nginx.virtualHosts."${vhost}";
|
|
in [ vhost ] ++ vhostConfig.serverAliases
|
|
) (builtins.attrNames nixosConfig.services.nginx.virtualHosts)
|
|
);
|
|
proxyTo.host =
|
|
if hostRegistry.hosts."${host}" ? ip4
|
|
then hostRegistry.hosts."${host}".ip4
|
|
else if hostRegistry.hosts."${host}" ? ip6
|
|
then "[${hostRegistry.hosts."${host}".ip6}]"
|
|
else throw "No known addresses for ${host}";
|
|
}
|
|
) (builtins.attrNames (
|
|
lib.filterAttrs (_: nixos:
|
|
nixos.config.services.nginx.enable
|
|
) nixosConfigurations
|
|
));
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
system.stateVersion = "18.09";
|
|
}
|