wip

nixos/components/network/tinc/default.nix

@@ -5,8 +5,10 @@ with lib;
   options.tinc = {
     private = {
       enable = mkEnableOption "private tinc setup";
-      ipv4 = mkOption {
+      ipv4 = mkOption { type = types.str; };
+      subnet = mkOption {
         type = types.str;
+        default = "10.23.42.0/24";
       };
     };
     secret = {

nixos/machines/robi/transmission.nix

@@ -290,20 +290,20 @@ in
 
   # curl -H "Host: transmission.robi.private" https://robi.private/  < will work
   # curl -H "Host: transmission.robi.private" https://144.76.13.147/ < wont work
-  #services.nginx = {
-  #  enable = true;
-  #  recommendedProxySettings = true;
-  #  virtualHosts = {
-  #    "transmission.${config.networking.hostName}.private" = {
-  #      extraConfig = ''
-  #        allow ${config.module.cluster.services.tinc.private.networkSubnet};
-  #        deny all;
-  #      '';
-  #      locations."/" = {
-  #        proxyPass = "http://${containerAddress}:${toString uiPort}";
-  #      };
-  #    };
-  #  };
-  #};
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    virtualHosts = {
+      "transmission.${config.networking.hostName}.private" = {
+        extraConfig = ''
+          allow ${config.tinc.private.subnet};
+          deny all;
+        '';
+        locations."/" = {
+          proxyPass = "http://${containerAddress}:${toString uiPort}";
+        };
+      };
+    };
+  };
 
 }

nixos/machines/robi/transmission2.nix

@@ -168,20 +168,20 @@ in
 
   # curl -H "Host: transmission.robi.private" https://robi.private/  < will work
   # curl -H "Host: transmission.robi.private" https://144.76.13.147/ < wont work
-  #services.nginx = {
-  #  enable = true;
-  #  recommendedProxySettings = true;
-  #  virtualHosts = {
-  #    "transmission2.${config.networking.hostName}.private" = {
-  #      extraConfig = ''
-  #        allow ${config.module.cluster.services.tinc.private.networkSubnet};
-  #        deny all;
-  #      '';
-  #      locations."/" = {
-  #        proxyPass = "http://127.0.0.1:${toString uiPort}";
-  #      };
-  #    };
-  #  };
-  #};
+  services.nginx = {
+    enable = true;
+    recommendedProxySettings = true;
+    virtualHosts = {
+      "transmission2.${config.networking.hostName}.private" = {
+        extraConfig = ''
+          allow ${config.tinc.private.subnet};
+          deny all;
+        '';
+        locations."/" = {
+          proxyPass = "http://127.0.0.1:${toString uiPort}";
+        };
+      };
+    };
+  };
 
 }