2023-03-07 02:26:07 +02:00
|
|
|
{ config, depot, lib, pkgs, tools, ... }:
|
2022-08-09 21:10:25 +03:00
|
|
|
|
|
|
|
|
let
|
|
|
|
|
importWebsites = expr: import expr {
|
|
|
|
|
tools = tools.nginx;
|
2023-03-07 02:26:07 +02:00
|
|
|
inherit (depot) packages;
|
2022-08-09 21:10:25 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
websites = tools.nginx.mappers.mapSubdomains (importWebsites ./websites.nix);
|
|
|
|
|
|
|
|
|
|
acmeUseDNS = name: conf: {
|
|
|
|
|
name = conf.useACMEHost or conf.serverName or name;
|
|
|
|
|
value = {
|
|
|
|
|
dnsProvider = "pdns";
|
|
|
|
|
webroot = null;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
isACME = _: conf: conf ? enableACME && conf.enableACME;
|
|
|
|
|
in {
|
|
|
|
|
services.nginx.virtualHosts = websites;
|
|
|
|
|
security.acme.certs = lib.mapAttrs' acmeUseDNS (lib.filterAttrs isACME websites);
|
2023-03-06 01:36:17 +02:00
|
|
|
|
|
|
|
|
consul.services.nginx = {
|
|
|
|
|
mode = "external";
|
2023-03-06 17:42:14 +02:00
|
|
|
definition = {
|
2023-03-06 01:36:17 +02:00
|
|
|
name = "static-lb";
|
|
|
|
|
address = lib.toLower "${config.networking.hostName}.${config.networking.domain}";
|
|
|
|
|
port = 443;
|
|
|
|
|
checks = lib.singleton {
|
|
|
|
|
interval = "60s";
|
|
|
|
|
tcp = "127.0.0.1:80";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2022-08-09 21:10:25 +03:00
|
|
|
}
|
