{ config, lib, pkgs, assets, ... }: with lib; { options.components.network.nginx.enable = mkOption { type = lib.types.bool; default = config.components.network.enable; }; options.components.network.nginx.landingpage.enable = mkOption { type = lib.types.bool; default = config.components.network.nginx.enable; }; config = mkMerge [ (mkIf (config.components.network.nginx.enable) { environment.systemPackages = [ pkgs.nginx-config-formatter (pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; } (lib.fileContents "${assets}/nginx-show-config.py")) ]; security.acme.defaults.email = "contact@ingolf-wagner.de"; security.acme.acceptTerms = true; services.nginx = { # Use recommended settings recommendedGzipSettings = lib.mkDefault true; recommendedOptimisation = lib.mkDefault true; recommendedProxySettings = lib.mkDefault true; recommendedTlsSettings = lib.mkDefault true; # for loki logging commonHttpConfig = '' log_format logfmt 'timestamp="$time_iso8601" ' 'facility="nginx" ' 'src_addr="$remote_addr" ' 'body_bytes_sent="$body_bytes_sent" ' 'request_time="$request_time" ' 'response_status="$status" ' 'request_method="$request_method" ' 'request="$request" ' 'host="$host" ' 'upstream_cache_status="$upstream_cache_status" ' 'upstream_addr="$upstream_addr" ' 'http_x_forwarded_for="$http_x_forwarded_for" ' 'http_referrer="$http_referer" ' 'http_user_agent="$http_user_agent" '; log_format json_combined escape=json '{' '"timestamp":"$time_iso8601",' '"facility":"nginx",' '"src_addr":"$remote_addr",' '"body_bytes_sent":"$body_bytes_sent",' '"request_time":"$request_time",' '"response_status":"$status",' '"request_method":"$request_method",' '"request":"$request",' '"host":"$host",' '"upstream_cache_status":"$upstream_cache_status",' '"upstream_addr":"$upstream_addr",' '"http_x_forwarded_for":"$http_x_forwarded_for",' '"http_referrer":"$http_referer",' '"http_user_agent":"$http_user_agent"' '}'; # log to local journald access_log syslog:server=unix:/dev/log,nohostname logfmt; ''; }; services.nginx.package = pkgs.nginxMainline; }) (mkIf (config.components.network.nginx.landingpage.enable) { services.nginx.virtualHosts."${config.networking.hostName}.private" = { default = lib.mkDefault true; locations."/" = { root = pkgs.landingpage.override { jsonConfig = let entry = { machine, items ? [ ] }: { text = machine; items = [ { label = "Syncthing"; href = "http://${machine}.private:8384/"; image = "https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif"; } { label = "netdata"; href = "http://${machine}.private:19999/"; image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; } ] ++ items; }; in [ { title = "System Links"; } (entry { machine = "orbi"; items = [ { label = "Jellyfin"; href = "http://flix.ingolf-wagner.de/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "PhotoPrism"; href = "http://10.100.0.1:2342/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } ]; }) (entry { machine = "chungus"; items = [ { label = "Grafana"; href = "http://grafana.chungus.private/explore"; image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg"; } { label = "Jellyfin"; href = "http://chungus:8096/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "HomeAssistant"; href = "http://chungus.private:8123/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Zigbee2Mqtt"; href = "http://chungus.private:9666/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Kitchen"; href = "http://192.168.178.101/"; image = "https://i.giphy.com/3o7TKsrMIW65QT7VWo.webp"; } { label = "Living Room"; href = "http://192.168.178.102/"; image = "https://i.giphy.com/3o7TKsrMIW65QT7VWo.webp"; } ]; }) (entry { machine = "cherry"; }) (entry { machine = "cream"; }) (entry { machine = "mobi"; }) (entry { machine = "bobi"; }) { title = "Various Links"; items = [ { label = "Terrapen"; href = "http://192.168.178.31/"; image = "https://i.giphy.com/W08brEWFt7EpA5y2jI.webp"; } { label = "Hetzner Cloud"; href = "https://console.hetzner.cloud/projects"; image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif"; } { label = "Cups"; href = "http://localhost:631/"; image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif"; } ]; } { text = "NixOS Links"; items = [ { label = "NixOS Manual"; href = "https://nixos.org/nixos/manual/"; image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif"; } { label = "Nixpkgs Manual"; href = "https://nixos.org/nixpkgs/manual/"; image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif"; } { label = "NixOS Reference"; href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif"; } { label = "Nix Packages"; href = "https://nixos.org/nixos/packages.html"; image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif"; } { label = "NixOS Language specific helpers"; href = "https://nixos.wiki/wiki/Language-specific_package_helpers"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif"; } { label = "NixOS Weekly"; href = "https://weekly.nixos.org/"; image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif"; } { label = "NixOS Security"; href = "https://broken.sh/"; image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif"; } { label = "NixOS RFCs"; href = "https://github.com/NixOS/rfcs/"; image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif"; } ]; } { urlEncode = true; } ]; }; }; }; }) ]; }