43 lines
1.1 KiB
Nix
43 lines
1.1 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
|
let
|
||
|
|
port = 8888;
|
||
|
|
services = {
|
||
|
|
"media" = <secrets/media-proxy-auth>;
|
||
|
|
"scan" = <secrets/media-proxy-auth>;
|
||
|
|
"torrent" = <secrets/torrent-proxy-auth>;
|
||
|
|
};
|
||
|
|
in
|
||
|
|
{
|
||
|
|
options.sbruder.media-proxy.enable = lib.mkEnableOption "media proxy";
|
||
|
|
|
||
|
|
config.services.nginx = lib.mkIf config.sbruder.media-proxy.enable {
|
||
|
|
enable = true;
|
||
|
|
secrets = builtins.attrValues services;
|
||
|
|
virtualHosts.media-proxy = {
|
||
|
|
serverName = "localhost";
|
||
|
|
listen = [
|
||
|
|
{ inherit port; addr = "127.0.0.1"; }
|
||
|
|
{ inherit port; addr = "[::1]"; }
|
||
|
|
];
|
||
|
|
locations = {
|
||
|
|
"/".extraConfig = ''
|
||
|
|
rewrite ^/__assets/(.*)$ /media/__assets/$1;
|
||
|
|
'';
|
||
|
|
} // lib.mapAttrs'
|
||
|
|
(name: secret: {
|
||
|
|
name = "/${name}/";
|
||
|
|
value = {
|
||
|
|
proxyPass = "https://${name}.sbruder.de/";
|
||
|
|
proxyWebsockets = true;
|
||
|
|
extraConfig = ''
|
||
|
|
proxy_buffering off;
|
||
|
|
include /run/nginx/secrets/${lib.last (lib.splitString "/" (toString secret))};
|
||
|
|
charset utf-8;
|
||
|
|
'';
|
||
|
|
};
|
||
|
|
})
|
||
|
|
services;
|
||
|
|
};
|
||
|
|
};
|
||
|
|
}
|