50 lines
1.3 KiB
Nix
50 lines
1.3 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
port = 8888;
|
|
services = {
|
|
"media" = config.krops.secrets.media-proxy-auth.path;
|
|
"scan" = config.krops.secrets.media-proxy-auth.path;
|
|
"torrent" = config.krops.secrets.torrent-proxy-auth.path;
|
|
};
|
|
in
|
|
{
|
|
options.sbruder.media-proxy.enable = lib.mkEnableOption "media proxy";
|
|
|
|
config = lib.mkIf config.sbruder.media-proxy.enable {
|
|
krops.secrets = {
|
|
torrent-proxy-auth.group = "nginx";
|
|
media-proxy-auth.group = "nginx";
|
|
};
|
|
users.users.nginx.extraGroups = [ "keys" ];
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts.media-proxy = {
|
|
serverName = "localhost";
|
|
listen = [
|
|
{ inherit port; addr = "127.0.0.1"; }
|
|
{ inherit port; addr = "[::1]"; }
|
|
];
|
|
locations = {
|
|
"/".extraConfig = ''
|
|
rewrite ^/__assets/(.*)$ /media/__assets/$1;
|
|
'';
|
|
} // lib.mapAttrs'
|
|
(name: secret: {
|
|
name = "/${name}/";
|
|
value = {
|
|
proxyPass = "https://${name}.sbruder.de/";
|
|
proxyWebsockets = true;
|
|
extraConfig = ''
|
|
proxy_buffering off;
|
|
include ${secret};
|
|
charset utf-8;
|
|
'';
|
|
};
|
|
})
|
|
services;
|
|
};
|
|
};
|
|
};
|
|
}
|