tree-wide: refactor

i went overboard on modules. this is much comfier

1 files changed, 46 insertions, 0 deletions

diff --git a/systems/atlas/nginx.nix b/systems/atlas/nginx.nix
new file mode 100644
index 0000000..6cdd793
--- /dev/null
+++ b/systems/atlas/nginx.nix
@@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  inherit (config.networking) domain;
+
+  mkProxy = endpoint: port: {
+    "${endpoint}" = {
+      proxyPass = "http://localhost:${toString port}";
+      proxyWebsockets = true;
+    };
+  };
+
+  mkVHosts = let
+    commonSettings = {
+      enableACME = true;
+      # workaround for https://github.com/NixOS/nixpkgs/issues/210807
+      acmeRoot = null;
+
+      addSSL = true;
+    };
+  in
+    lib.mapAttrs (_: lib.recursiveUpdate commonSettings);
+in {
+  server.services.cloudflared.enable = true;
+
+  services.nginx = {
+    enable = true;
+
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+
+    virtualHosts = mkVHosts {
+      "miniflux.${domain}" = {
+        locations = mkProxy "/" "7000";
+      };
+
+      "msix.${domain}" = {
+        root = "/var/www/msix";
+      };
+    };
+  };
+}