diff options
| author | Seth Flynn <[email protected]> | 2025-02-08 20:44:49 -0500 |
|---|---|---|
| committer | Seth Flynn <[email protected]> | 2025-02-08 21:58:07 -0500 |
| commit | 61c05b35ebea09eb9aef59f4aac4a706001f7ec6 (patch) | |
| tree | 4fd724535f18d0c53ddf40d6a06e691c094df1d4 /modules/nixos/mixins | |
| parent | 250b2a0bfd6c9ab9fcf833451f6c7557e30b59ee (diff) | |
nixos/nginx: actually act as a mixin
This doesn't require disabling anything. It only changes the defaults
Diffstat (limited to 'modules/nixos/mixins')
| -rw-r--r-- | modules/nixos/mixins/nginx.nix | 45 |
1 files changed, 29 insertions, 16 deletions
diff --git a/modules/nixos/mixins/nginx.nix b/modules/nixos/mixins/nginx.nix index 67d0c25..13dd5b5 100644 --- a/modules/nixos/mixins/nginx.nix +++ b/modules/nixos/mixins/nginx.nix @@ -1,22 +1,35 @@ { config, lib, ... }: -let - cfg = config.mixins.nginx; -in + { - options.mixins.nginx = { - enable = lib.mkEnableOption "NGINX mixin"; + options = { + services.nginx.virtualHosts = lib.mkOption { + type = lib.types.attrsOf ( + lib.types.submodule { + config = { + enableACME = lib.mkDefault true; + forceSSL = lib.mkDefault true; + }; + } + ); + }; }; - config = lib.mkIf cfg.enable { - services.nginx = { - enable = true; + config = lib.mkMerge [ + { + services.nginx = { + enableReload = true; - recommendedBrotliSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedZstdSettings = true; - }; - }; + recommendedBrotliSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedZstdSettings = true; + }; + } + + (lib.mkIf config.services.nginx.enable { + security.acme.defaults.reloadServices = [ "nginx.service" ]; + }) + ]; } |