simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity
nixos-config/modules/static-webserver.nix

74 lines
2.1 KiB
Nix
Raw Normal View History

static-webserver: Init This module makes it easier to configure static websites.
2023-11-25 12:33:26 +01:00
{ config, lib, pkgs, ... }:
let
cfg = config.sbruder.static-webserver;
in
{
options.sbruder.static-webserver = {
root = lib.mkOption {
type = lib.types.str;
default = "/var/www";
};
vhosts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule ({ name, vhostCfg, ... }: {
options = {
redirects = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "www.${name}" ];
};
root = lib.mkOption {
type = lib.types.str;
default = "${cfg.root}/${name}";
};
user = {
name = lib.mkOption {
type = lib.types.str;
};
keys = lib.mkOption {
type = lib.types.listOf lib.types.str;
};
};
};
}));
default = { };
};
};
config = lib.mkIf (cfg.vhosts != { }) {
users.users = lib.mapAttrs'
(_: { user, root, ... }: lib.nameValuePair user.name {
isSystemUser = true;
group = user.name;
shell = "/bin/sh";
openssh.authorizedKeys.keys = map
(key: "command=\"${pkgs.rrsync}/bin/rrsync -wo ${root}\",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ${key}")
user.keys;
})
cfg.vhosts;
users.groups = lib.mapAttrs' (_: { user, ... }: lib.nameValuePair user.name { }) cfg.vhosts;
systemd.tmpfiles.rules = map
({ root, user, ... }: "d ${root} 0755 ${user.name} ${user.name} -")
(lib.attrValues cfg.vhosts);
services.nginx.virtualHosts = lib.attrsets.mergeAttrsList
(lib.mapAttrsToList
(primaryDomain: vhostCfg:
({
${primaryDomain} = {
enableACME = true;
forceSSL = true;
root = vhostCfg.root;
};
} // (lib.listToAttrs (map
(domain: lib.nameValuePair domain {
enableACME = true;
forceSSL = true;
globalRedirect = primaryDomain;
})
vhostCfg.redirects)))
)
cfg.vhosts);
};
}
Reference in a new issue Copy permalink