{
config,
lib,
pkgs,
assets,
...
}:
with lib;
{
options.components.network.nginx.enable = mkOption {
type = lib.types.bool;
default = config.components.network.enable;
};
options.components.network.nginx.landingpage.enable = mkOption {
type = lib.types.bool;
default = config.components.network.nginx.enable;
};
config = mkMerge [
(mkIf (config.components.network.nginx.enable) {
environment.systemPackages = [
pkgs.nginx-config-formatter
(pkgs.writers.writePython3Bin "nginx-show-config" {
flakeIgnore = [
"E265"
"E225"
"W292"
];
} (lib.fileContents "${assets}/nginx-show-config.py"))
];
security.acme.defaults.email = "contact@ingolf-wagner.de";
security.acme.acceptTerms = true;
services.nginx = {
# Use recommended settings
recommendedGzipSettings = lib.mkDefault true;
recommendedOptimisation = lib.mkDefault true;
recommendedProxySettings = lib.mkDefault true;
recommendedTlsSettings = lib.mkDefault true;
# for loki logging
commonHttpConfig = ''
log_format logfmt
'timestamp="$time_iso8601" '
'facility="nginx" '
'src_addr="$remote_addr" '
'body_bytes_sent="$body_bytes_sent" '
'request_time="$request_time" '
'response_status="$status" '
'request_method="$request_method" '
'request="$request" '
'host="$host" '
'upstream_cache_status="$upstream_cache_status" '
'upstream_addr="$upstream_addr" '
'http_x_forwarded_for="$http_x_forwarded_for" '
'http_referrer="$http_referer" '
'http_user_agent="$http_user_agent" ';
log_format json_combined escape=json
'{'
'"timestamp":"$time_iso8601",'
'"facility":"nginx",'
'"src_addr":"$remote_addr",'
'"body_bytes_sent":"$body_bytes_sent",'
'"request_time":"$request_time",'
'"response_status":"$status",'
'"request_method":"$request_method",'
'"request":"$request",'
'"host":"$host",'
'"upstream_cache_status":"$upstream_cache_status",'
'"upstream_addr":"$upstream_addr",'
'"http_x_forwarded_for":"$http_x_forwarded_for",'
'"http_referrer":"$http_referer",'
'"http_user_agent":"$http_user_agent"'
'}';
# log to local journald
access_log syslog:server=unix:/dev/log,nohostname logfmt;
'';
};
services.nginx.package = pkgs.nginxMainline;
})
(mkIf (config.components.network.nginx.landingpage.enable) {
services.nginx.virtualHosts."${config.networking.hostName}.private" = {
default = lib.mkDefault true;
locations."/" = {
root = pkgs.landingpage.override {
jsonConfig =
let
entry =
{
machine,
items ? [ ],
}:
{
text = machine;
items = [
{
label = "Syncthing";
href = "http://${machine}.private:8384/";
image = "https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif";
}
{
label = "netdata";
href = "http://${machine}.private:19999/";
image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif";
}
] ++ items;
};
in
[
{ title = "System Links"; }
(entry {
machine = "orbi";
items = [
{
label = "Jellyfin";
href = "http://flix.ingolf-wagner.de/";
image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif";
}
{
label = "PhotoPrism";
href = "http://10.100.0.1:2342/";
image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif";
}
{
label = "Build Bot";
href = "http://orbi.private:8010";
image = "https://i.giphy.com/media/v1.Y2lkPTc5MGI3NjExd2gxZDg4Mm92c280OWxlZXJoZ3V6MWozamI5c3M2dnd1M3pma2lydiZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/UqcFByCQIOloWRXUxs/giphy.gif";
}
];
})
(entry {
machine = "chungus";
items = [
{
label = "Grafana";
href = "http://grafana.chungus.private/explore";
image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg";
}
{
label = "Jellyfin";
href = "http://chungus:8096/";
image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif";
}
{
label = "HomeAssistant";
href = "http://chungus.private:8123/";
image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif";
}
{
label = "Zigbee2Mqtt";
href = "http://chungus.private:9666/";
image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif";
}
{
label = "Kitchen";
href = "http://192.168.178.101/";
image = "https://i.giphy.com/3o7TKsrMIW65QT7VWo.webp";
}
{
label = "Living Room";
href = "http://192.168.178.102/";
image = "https://i.giphy.com/3o7TKsrMIW65QT7VWo.webp";
}
];
})
(entry { machine = "cherry"; })
#(entry { machine = "cream"; })
(entry { machine = "mobi"; })
(entry { machine = "bobi"; })
{
title = "Various Links";
items = [
{
label = "Terrapen";
href = "http://192.168.178.31/";
image = "https://i.giphy.com/W08brEWFt7EpA5y2jI.webp";
}
{
label = "Hetzner Cloud";
href = "https://console.hetzner.cloud/projects";
image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
}
{
label = "Cups";
href = "http://localhost:631/";
image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
}
];
}
{
text = "NixOS Links";
items = [
{
label = "NixOS Manual";
href = "https://nixos.org/nixos/manual/";
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "Nixpkgs Manual";
href = "https://nixos.org/nixpkgs/manual/";
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "NixOS Reference";
href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "Nix Packages";
href = "https://nixos.org/nixos/packages.html";
image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
}
{
label = "NixOS Language specific helpers";
href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "NixOS Weekly";
href = "https://weekly.nixos.org/";
image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
}
{
label = "NixOS Security";
href = "https://broken.sh/";
image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
}
{
label = "NixOS RFCs";
href = "https://github.com/NixOS/rfcs/";
image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
}
];
}
{ urlEncode = true; }
];
};
};
};
})
];
}