nixos-config/modules/media-proxy.nix

50 lines
1.3 KiB
Nix

{ config, lib, pkgs, ... }:
let
port = 8888;
services = {
"media" = config.krops.secrets.media-proxy-auth.path;
"scan" = config.krops.secrets.media-proxy-auth.path;
"torrent" = config.krops.secrets.torrent-proxy-auth.path;
};
in
{
options.sbruder.media-proxy.enable = lib.mkEnableOption "media proxy";
config = lib.mkIf config.sbruder.media-proxy.enable {
krops.secrets = {
torrent-proxy-auth.group = "nginx";
media-proxy-auth.group = "nginx";
};
users.users.nginx.extraGroups = [ "keys" ];
services.nginx = {
enable = true;
virtualHosts.media-proxy = {
serverName = "localhost";
listen = [
{ inherit port; addr = "127.0.0.1"; }
{ inherit port; addr = "[::1]"; }
];
locations = {
"/".extraConfig = ''
rewrite ^/__assets/(.*)$ /media/__assets/$1;
'';
} // lib.mapAttrs'
(name: secret: {
name = "/${name}/";
value = {
proxyPass = "https://${name}.sbruder.de/";
proxyWebsockets = true;
extraConfig = ''
proxy_buffering off;
include ${secret};
charset utf-8;
'';
};
})
services;
};
};
};
}