From 12fff68eef5efcca7fd4f7a2da3e3dbe0a2a35f8 Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Sat, 16 Oct 2021 17:03:53 +0200
Subject: [PATCH] tools/nginx: init

---
 tools/default.nix |  1 +
 tools/nginx.nix   | 48 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+)
 create mode 100644 tools/nginx.nix

diff --git a/tools/default.nix b/tools/default.nix
index d73b696..097c069 100644
--- a/tools/default.nix
+++ b/tools/default.nix
@@ -3,6 +3,7 @@ let toolsets = {
 
     identity = import ./identity.nix { inherit toolsets; };
     networks = import ./networks.nix { inherit toolsets; };
+    nginx = import ./nginx.nix { inherit toolsets; };
   };
 in toolsets // {
   all = args: (builtins.mapAttrs (_: x: x args) toolsets) // { inherit (toolsets) meta; };
diff --git a/tools/nginx.nix b/tools/nginx.nix
new file mode 100644
index 0000000..73a93ba
--- /dev/null
+++ b/tools/nginx.nix
@@ -0,0 +1,48 @@
+# internal interface
+{ toolsets }:
+# external interface
+{ config ? null, lib ? null, domain ? toolsets.meta.domain, ... }:
+let
+  tools = (self: {
+
+    inherit domain;
+
+    mappers = {
+
+      mapSubdomains = with lib; mapAttrs' (k: v: nameValuePair "${k}.${domain}" v);
+
+    };
+
+    vhosts = with self.vhosts; {
+
+      basic = {
+        forceSSL = true;
+        enableACME = true;
+      };
+
+      redirect = target: basic // {
+        locations."/".return = "301 ${target}";
+      };
+
+      proxy = target: basic // {
+        locations."/".proxyPass = target;
+      };
+
+      static = root: basic // {
+        inherit root;
+      };
+
+      indexedStatic = root: (static root) // {
+        extraConfig = "autoindex on;";
+      };
+
+      simplePHP = root: (static root) // {
+        locations."~ \.php$".extraConfig = ''
+          fastcgi_pass  unix:${config.services.phpfpm.pools.www.socket};
+          fastcgi_index index.php;
+        '';
+      };
+
+    };
+  }) tools;
+in tools