Move all nixos-modules out of qois subfolder
This commit is contained in:
parent
d49f58265f
commit
97d1a30329
22 changed files with 3 additions and 14 deletions
145
nixos-modules/static-page/default.nix
Normal file
145
nixos-modules/static-page/default.nix
Normal file
|
|
@ -0,0 +1,145 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
cfg = config.qois.static-page;
|
||||
in
|
||||
with lib;
|
||||
{
|
||||
imports = [ ./default-pages.nix ];
|
||||
|
||||
options.qois.static-page =
|
||||
let
|
||||
pageType =
|
||||
{ name, ... }:
|
||||
{
|
||||
options = {
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = name;
|
||||
description = ''
|
||||
Primary domain, under which the site is served.
|
||||
Only ASCII Domains are supported at this time.
|
||||
Note that changing this changes the root folder of the vhost in /var/lib/nginx-$domain/root and the ssh user to "nginx-$domain".
|
||||
'';
|
||||
};
|
||||
|
||||
domainAliases = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
description = "Domain aliases which are forwarded to the primary domain";
|
||||
};
|
||||
|
||||
authorizedKeys = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
description = "SSH keys for deployment";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
;
|
||||
in
|
||||
{
|
||||
enable = mkEnableOption "Enable static-page hosting";
|
||||
pages = mkOption {
|
||||
type = types.attrsOf (types.submodule (pageType));
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (
|
||||
let
|
||||
pageConfigs = concatMapAttrs (
|
||||
name: page:
|
||||
let
|
||||
home = "/var/lib/nginx-${page.domain}";
|
||||
in
|
||||
{
|
||||
"${page.domain}" = page // {
|
||||
inherit home;
|
||||
user = "${config.services.nginx.user}-${page.domain}";
|
||||
root = "${home}/root";
|
||||
};
|
||||
}
|
||||
) cfg.pages;
|
||||
|
||||
in
|
||||
{
|
||||
networking.hosts."127.0.0.1" = pipe pageConfigs [
|
||||
attrValues
|
||||
(map (page: [ page.domain ] ++ page.domainAliases))
|
||||
flatten
|
||||
];
|
||||
|
||||
users = {
|
||||
groups = concatMapAttrs (
|
||||
name:
|
||||
{ user, ... }:
|
||||
{
|
||||
"${user}" = { };
|
||||
}
|
||||
) pageConfigs;
|
||||
users =
|
||||
{
|
||||
${config.services.nginx.user}.extraGroups = mapAttrsToList (domain: getAttr "user") pageConfigs;
|
||||
}
|
||||
// (concatMapAttrs (
|
||||
name:
|
||||
{
|
||||
user,
|
||||
home,
|
||||
authorizedKeys,
|
||||
...
|
||||
}:
|
||||
{
|
||||
${user} = {
|
||||
inherit home;
|
||||
isSystemUser = true;
|
||||
useDefaultShell = true;
|
||||
homeMode = "750";
|
||||
createHome = true;
|
||||
group = user;
|
||||
openssh.authorizedKeys.keys = authorizedKeys;
|
||||
};
|
||||
}
|
||||
) pageConfigs);
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts =
|
||||
let
|
||||
defaultVhostConfig = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
kTLS = true;
|
||||
};
|
||||
mkVhost =
|
||||
{ root, ... }:
|
||||
defaultVhostConfig
|
||||
// {
|
||||
inherit root;
|
||||
};
|
||||
mkAliasVhost =
|
||||
{ domainAliases, domain, ... }:
|
||||
if (domainAliases == [ ]) then
|
||||
{ }
|
||||
else
|
||||
({
|
||||
"${head domainAliases}" = defaultVhostConfig // {
|
||||
serverAliases = tail domainAliases;
|
||||
globalRedirect = domain;
|
||||
};
|
||||
});
|
||||
aliasVhosts = concatMapAttrs (name: mkAliasVhost) pageConfigs;
|
||||
|
||||
in
|
||||
aliasVhosts // (mapAttrs (name: mkVhost) pageConfigs);
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue