{ config, lib, pkgs, ... }: with lib; { options.components.network.nginx.enable = mkOption { type = lib.types.bool; default = config.components.network.enable; }; config = mkIf (config.components.network.nginx.enable) { security.acme.defaults.email = "contact@ingolf-wagner.de"; security.acme.acceptTerms = true; services.nginx = { # Use recommended settings recommendedGzipSettings = lib.mkDefault true; recommendedOptimisation = lib.mkDefault true; recommendedProxySettings = lib.mkDefault true; recommendedTlsSettings = lib.mkDefault true; # for loki logging commonHttpConfig = '' log_format logfmt escape=json 'timestamp=$time_iso8601 ' 'facility=nginx ' 'src_addr=$remote_addr ' 'body_bytes_sent=$body_bytes_sent ' 'request_time=$request_time ' 'response_status=$status ' 'request="$request" ' 'request_method="$request_method" ' 'host="$host" ' 'upstream_cache_status="$upstream_cache_status" ' 'upstream_addr="$upstream_addr" ' 'http_x_forwarded_for="$http_x_forwarded_for" ' 'http_referrer="$http_referer" ' 'http_user_agent="$http_user_agent"'; # log to local journald access_log syslog:server=unix:/dev/log logfmt; ''; }; services.nginx.package = pkgs.nginxMainline; services.nginx.virtualHosts."${config.networking.hostName}.private" = { default = lib.mkDefault true; locations."/" = { root = pkgs.landingpage.override { jsonConfig = [ { title = config.networking.hostName; } { title = "System Links"; } { text = "Syncthings"; items = map ({ name, host ? "${name}.private", ... }: { label = name; href = "http://${host}:8384/"; image = "https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif"; }) (lib.flatten (lib.mapAttrsToList (name: { ... }: { inherit name; }) config.services.tinc.networks."private".hostSettings)); } { text = "robi"; items = [ { label = "Jellyfin"; href = "http://flix.ingolf-wagner.de/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "netdata"; href = "http://robi.private:19999/"; image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; } { label = "logs"; href = "http://grafana.robi.private/explore"; image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg"; } { label = "grafana"; href = "http://grafana.robi.private/"; image = "https://www.vectorlogo.zone/logos/grafana/grafana-icon.svg"; } { label = "prometheus"; href = "http://prometheus.robi.private/"; image = "https://www.vectorlogo.zone/logos/prometheusio/prometheusio-icon.svg"; } ]; } { text = "chungus"; items = [ { label = "HomeAssistant"; href = "http://chungus.private:8123/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Zigbee2Mqtt"; href = "http://chungus.private:9666/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Tdarr"; href = "http://tdarr.chungus.private/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Jellyfin"; href = "http://chungus:8096/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "netdata"; href = "http://chungus.private:19999/"; image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; } { label = "logs"; href = "http://grafana.chungus.private/explore"; image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg"; } { label = "grafana"; href = "http://grafana.chungus.private/"; image = "https://www.vectorlogo.zone/logos/grafana/grafana-icon.svg"; } { label = "prometheus"; href = "http://prometheus.chungus.private/"; image = "https://www.vectorlogo.zone/logos/prometheusio/prometheusio-icon.svg"; } ]; } { text = "pepe"; items = [ { label = "netdata"; href = "http://pepe.private:19999/"; image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; } { label = "logs"; href = "http://grafana.pepe.private/explore"; image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg"; } { label = "grafana"; href = "http://grafana.pepe.private/"; image = "https://www.vectorlogo.zone/logos/grafana/grafana-icon.svg"; } { label = "prometheus"; href = "http://prometheus.pepe.private/"; image = "https://www.vectorlogo.zone/logos/prometheusio/prometheusio-icon.svg"; } ]; } { title = "Various Links"; items = [ { label = "NeverSSL"; href = "https://oldslowfreshlight.neverssl.com/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } { label = "Hetzner Cloud"; href = "https://console.hetzner.cloud/projects"; image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif"; } { label = "Pass the Popcorn"; href = "https://passthepopcorn.me/"; image = "https://media.giphy.com/media/NipFetnQOuKhW/giphy.gif"; } { label = "redacted"; href = "https://redacted.ch/"; image = "https://media.giphy.com/media/ku5EcFe4PNGWA/giphy.gif"; } { label = "Cups"; href = "http://localhost:631/"; image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif"; } ]; } { text = "NixOS Links"; items = [ { label = "NixOS Manual"; href = "https://nixos.org/nixos/manual/"; image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif"; } { label = "Nixpkgs Manual"; href = "https://nixos.org/nixpkgs/manual/"; image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif"; } { label = "NixOS Reference"; href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif"; } { label = "Nix Packages"; href = "https://nixos.org/nixos/packages.html"; image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif"; } { label = "NixOS Language specific helpers"; href = "https://nixos.wiki/wiki/Language-specific_package_helpers"; image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif"; } { label = "NixOS Weekly"; href = "https://weekly.nixos.org/"; image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif"; } { label = "NixOS Security"; href = "https://broken.sh/"; image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif"; } { label = "NixOS RFCs"; href = "https://github.com/NixOS/rfcs/"; image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif"; } ]; } { urlEncode = true; } ]; }; }; }; }; }