nginx proxy function

2024-06-04 21:23:35 +02:00 · 2024-06-04 21:23:35 +02:00 · 83be4937c4
commit 83be4937c4
parent b5f91441c8
1 changed files with 41 additions and 58 deletions
--- a/hosts/default/configuration.nix
+++ b/hosts/default/configuration.nix
@ -1,5 +1,5 @@
 # Edit this configuration file to define what should be installed on
-# your system.	Help is available in the configuration.nix(5) man page
+# your system.Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).

 { config, pkgs, inputs, nix-colors, ... }:
@ -49,7 +49,7 @@
      "127.0.0.1" = [ "images.noa.voorwaarts.nl" "sods.noa.voorwaarts.nl" "noa.voorwaarts.nl" "testing.noa.voorwaarts.nl" ];
    };
  };
-  # networking.wireless.enable = true;	# Enables wireless support via wpa_supplicant.
+  # networking.wireless.enable = true;# Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
@ -232,7 +232,8 @@
      sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";

      virtualHosts =
-        let extra = ''
+        let
+          extra = ''
            client_max_body_size 50000M;

            proxy_set_header Host              $host;
@ -248,46 +249,28 @@
            proxy_read_timeout 600s;
            proxy_send_timeout 600s;
            send_timeout       600s;'';
+          proxy = port: {
+            forceSSL = true;
+            useACMEHost = "noa.voorwaarts.nl";
+            extraConfig = extra;
+            locations."/" = {
+              proxyPass = "http://127.0.0.1:${builtins.toString port}/";
+            };
+          };
        in
        {
          "noa.voorwaarts.nl" = {
            default = true;
            forceSSL = true;
            enableACME = true;
-
-          };
-
-          "images.noa.voorwaarts.nl" = {
-            forceSSL = true;
-            useACMEHost = "noa.voorwaarts.nl";
-            extraConfig = extra;
-            locations."/" = {
-              proxyPass = "http://127.0.0.1:2283/";
-            };
-          };
-
-          "testing.noa.voorwaarts.nl" = {
-            forceSSL = true;
-            useACMEHost = "noa.voorwaarts.nl";
-            extraConfig = extra;
-            locations."/" = {
-              proxyPass = "http://127.0.0.1:8000/";
-            };
-          };
-
-          "sods.noa.voorwaarts.nl" = {
-            forceSSL = true;
-            useACMEHost = "noa.voorwaarts.nl";
-            extraConfig = extra;
-            locations."/" = {
-              proxyPass = "http://127.0.0.1:2000/";
-            };
          };
+          "images.noa.voorwaarts.nl" = proxy 2283;
+          "testing.noa.voorwaarts.nl" = proxy 8000;
+          "sods.noa.voorwaarts.nl" = proxy 2000;
        };
    };
    openssh = {
      enable = true;
-
      settings.PasswordAuthentication = false;
      settings.KbdInteractiveAuthentication = false;
    };