nixos: remove root password

author: seth <[email protected]> 2024-02-28 07:31:21 -0500
committer: seth <[email protected]> 2024-02-28 07:31:21 -0500
commit: 4caa14d0416c8ac14e0ac617a1eec22b9df830f6 (patch)
tree: ab2a295461a046118841c046fc1d6a3b6bbf7c38 /modules/nixos/server/mixins/cloudflared.nix
parent: ed23d606f190aa20e620063ab65e78caf613b67c (diff)
1 files changed, 18 insertions, 11 deletions
diff --git a/modules/nixos/server/mixins/cloudflared.nix b/modules/nixos/server/mixins/cloudflared.nix
index 5f75a35..26c0714 100644
--- a/modules/nixos/server/mixins/cloudflared.nix
+++ b/modules/nixos/server/mixins/cloudflared.nix
@@ -9,6 +9,15 @@
 in {
   options.server.mixins.cloudflared = {
     enable = lib.mkEnableOption "cloudflared mixin";
+    tunnelName = lib.mkOption {
+      type = lib.types.str;
+      default = "${config.networking.hostName}-nginx";
+      example = lib.literalExpression "my-tunnel";
+      description = lib.mdDoc ''
+        Name of the default tunnel being created
+      '';
+    };
+
     manageSecrets =
       lib.mkEnableOption "automatic secrets management"
       // {
@@ -21,18 +30,12 @@ in {
       {
         services.cloudflared = {
           enable = true;
-          tunnels = {
-            "${config.networking.hostName}-nginx" =
-              {
-                default = "http_status:404";
+          tunnels.${cfg.tunnelName} = {
+            default = "http_status:404";
 
-                ingress = lib.genAttrs (builtins.attrNames nginx.virtualHosts) (
-                  _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}
-                );
-              }
-              // lib.optionalAttrs cfg.manageSecrets {
-                credentialsFile = config.age.secrets.cloudflaredCreds.path;
-              };
+            ingress = lib.genAttrs (builtins.attrNames nginx.virtualHosts) (
+              _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}
+            );
           };
         };
       }
@@ -44,6 +47,10 @@ in {
           owner = "cloudflared";
           group = "cloudflared";
         };
+
+        services.cloudflared.tunnels.${cfg.tunnelName} = {
+          credentialsFile = config.age.secrets.cloudflaredCreds.path;
+        };
       })
     ]
   );
author	seth <[email protected]>	2024-02-28 07:31:21 -0500
committer	seth <[email protected]>	2024-02-28 07:31:21 -0500
commit	4caa14d0416c8ac14e0ac617a1eec22b9df830f6 (patch)
tree	ab2a295461a046118841c046fc1d6a3b6bbf7c38 /modules/nixos/server/mixins/cloudflared.nix
parent	ed23d606f190aa20e620063ab65e78caf613b67c (diff)