summaryrefslogtreecommitdiff
path: root/modules/nixos/server/mixins/cloudflared.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/server/mixins/cloudflared.nix')
-rw-r--r--modules/nixos/server/mixins/cloudflared.nix29
1 files changed, 18 insertions, 11 deletions
diff --git a/modules/nixos/server/mixins/cloudflared.nix b/modules/nixos/server/mixins/cloudflared.nix
index 5f75a35..26c0714 100644
--- a/modules/nixos/server/mixins/cloudflared.nix
+++ b/modules/nixos/server/mixins/cloudflared.nix
@@ -9,6 +9,15 @@
in {
options.server.mixins.cloudflared = {
enable = lib.mkEnableOption "cloudflared mixin";
+ tunnelName = lib.mkOption {
+ type = lib.types.str;
+ default = "${config.networking.hostName}-nginx";
+ example = lib.literalExpression "my-tunnel";
+ description = lib.mdDoc ''
+ Name of the default tunnel being created
+ '';
+ };
+
manageSecrets =
lib.mkEnableOption "automatic secrets management"
// {
@@ -21,18 +30,12 @@ in {
{
services.cloudflared = {
enable = true;
- tunnels = {
- "${config.networking.hostName}-nginx" =
- {
- default = "http_status:404";
+ tunnels.${cfg.tunnelName} = {
+ default = "http_status:404";
- ingress = lib.genAttrs (builtins.attrNames nginx.virtualHosts) (
- _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}
- );
- }
- // lib.optionalAttrs cfg.manageSecrets {
- credentialsFile = config.age.secrets.cloudflaredCreds.path;
- };
+ ingress = lib.genAttrs (builtins.attrNames nginx.virtualHosts) (
+ _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}
+ );
};
};
}
@@ -44,6 +47,10 @@ in {
owner = "cloudflared";
group = "cloudflared";
};
+
+ services.cloudflared.tunnels.${cfg.tunnelName} = {
+ credentialsFile = config.age.secrets.cloudflaredCreds.path;
+ };
})
]
);
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 16:22:01 +0000