diff options
| author | azahi <azat@bahawi.net> | 2025-02-17 02:21:56 +0300 |
|---|---|---|
| committer | azahi <azat@bahawi.net> | 2025-02-17 02:21:56 +0300 |
| commit | 59180328cda59817d71cd58c8f48ead047375064 (patch) | |
| tree | 2cdd7d1bfa309839ef624c19daf283f510aacf69 /modules/nginx.nix | |
| parent | 2025-02-05 (diff) | |
2025-02-17
Diffstat (limited to 'modules/nginx.nix')
| -rw-r--r-- | modules/nginx.nix | 49 |
1 files changed, 24 insertions, 25 deletions
diff --git a/modules/nginx.nix b/modules/nginx.nix index 6cb47b4..dee08e4 100644 --- a/modules/nginx.nix +++ b/modules/nginx.nix @@ -5,28 +5,27 @@ this, ... }: -with lib; let cfg = config.nixfiles.modules.nginx; in { options.nixfiles.modules.nginx = { - enable = mkEnableOption "Nginx"; + enable = lib.mkEnableOption "Nginx"; - upstreams = mkOption { + upstreams = lib.mkOption { description = "Defines a group of servers to use as proxy target."; - type = with types; anything; + type = lib.types.anything; default = null; }; - virtualHosts = mkOption { + virtualHosts = lib.mkOption { description = "Attrset of virtual hosts."; - type = with types; anything; + type = lib.types.anything; default = null; }; }; - config = mkIf cfg.enable { + config = lib.mkIf cfg.enable { _module.args.libNginx.config = { internalOnly = '' add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet"; @@ -56,15 +55,15 @@ in package = pkgs.nginxMainline; - statusPage = mkDefault true; + statusPage = lib.mkDefault true; - recommendedOptimisation = mkDefault true; - recommendedProxySettings = mkDefault true; - recommendedTlsSettings = mkDefault true; + recommendedOptimisation = lib.mkDefault true; + recommendedProxySettings = lib.mkDefault true; + recommendedTlsSettings = lib.mkDefault true; - recommendedBrotliSettings = mkDefault true; - recommendedGzipSettings = mkDefault true; - recommendedZstdSettings = mkDefault true; + recommendedBrotliSettings = lib.mkDefault true; + recommendedGzipSettings = lib.mkDefault true; + recommendedZstdSettings = lib.mkDefault true; resolver.addresses = let @@ -74,15 +73,15 @@ in if config.networking.nameservers != [ ] then config.networking.nameservers else - dns.const.quad9.default; + lib.dns.const.quad9.default; in map escapeIPv6 resolvers; - commonHttpConfig = concatStrings [ + commonHttpConfig = lib.concatStrings [ '' access_log syslog:server=unix:/dev/log; '' - (optionalString (hasAttr "wireguard" this) ( + (lib.optionalString (lib.hasAttr "wireguard" this) ( with config.nixfiles.modules.wireguard; '' geo $internal { @@ -106,14 +105,14 @@ in locations."/".return = "444"; }; } - // (mkIf (cfg.virtualHosts != null) ( - mapAttrs ( + // (lib.mkIf (cfg.virtualHosts != null) ( + lib.mapAttrs ( _: attr: - mkMerge [ + lib.mkMerge [ attr - (mkIf config.nixfiles.modules.acme.enable { - enableACME = mkDefault true; - forceSSL = mkDefault true; + (lib.mkIf config.nixfiles.modules.acme.enable { + enableACME = lib.mkDefault true; + forceSSL = lib.mkDefault true; }) ] ) cfg.virtualHosts @@ -129,8 +128,8 @@ in prometheus.exporters.nginx = { enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = mkDefault 9113; + listenAddress = lib.mkDefault this.wireguard.ipv4.address; + port = lib.mkDefault 9113; }; }; |