nixos-config/config/services/reverse-proxy.nix

85 lines
1.9 KiB
Nix
Raw Normal View History

2022-06-12 15:39:15 +00:00
{
nix-packages,
system,
pkgs,
config,
...
2022-08-26 15:28:14 +00:00
}: let
mkConfigExtra = extra: dest: {
useACMEHost = "chir.rs";
extraConfig = ''
import baseConfig
2022-08-26 16:00:06 +00:00
${extra}
2022-08-26 15:28:14 +00:00
reverse_proxy {
to ${dest}
header_up Host {upstream_hostport}
transport http {
versions 1.1 2 3
}
}
'';
2022-06-12 15:39:15 +00:00
};
2022-08-26 15:28:14 +00:00
mkConfig = mkConfigExtra "";
in {
services.caddy.virtualHosts = {
"hydra.chir.rs" = mkConfig "https://hydra.int.chir.rs";
"mastodon.chir.rs" = {
useACMEHost = "chir.rs";
extraConfig = ''
2022-08-26 15:28:14 +00:00
import baseConfig
handle {
root * ${nix-packages.packages.${system}.mastodon}/public
file_server
}
handle_errors {
reverse_proxy {
to https://mastodon.int.chir.rs
header_up Host {upstream_hostport}
transport http {
versions 1.1 2 3
}
}
}
'';
};
2022-08-26 15:28:14 +00:00
"mastodon-assets.chir.rs" = {
useACMEHost = "chir.rs";
2022-04-26 11:31:59 +00:00
extraConfig = ''
2022-08-26 15:28:14 +00:00
import baseConfig
@getOnly {
method GET
}
2022-08-26 18:12:11 +00:00
rewrite * /file/mastodon-chir-rs{path}
2022-08-26 16:00:06 +00:00
2022-08-26 15:28:14 +00:00
reverse_proxy @getOnly {
to https://f000.backblazeb2.com
header_up Host {upstream_hostport}
header_up -Authorization
header_down -Set-Cookie
header_down Access-Control-Allow-Origin '*'
header_down -Access-Control-Allow-Methods
header_down Access-Control-Allow-Headers
header_up -Set-Cookie
transport http {
versions 1.1 2 3
}
}
2022-04-26 11:31:59 +00:00
'';
};
2022-08-26 15:28:14 +00:00
"drone.chir.rs" = mkConfig "https://drone.int.chir.rs";
"chir.rs" = {
useACMEHost = "chir.rs";
2022-06-23 06:35:05 +00:00
extraConfig = ''
2022-08-26 15:28:14 +00:00
import baseConfig
handle /.well-known/webfinger {
header Location https://mastodon.chir.rs{path}
respond 301
}
2022-06-23 06:35:05 +00:00
'';
};
};
2022-04-15 08:27:53 +00:00
}