summaryrefslogtreecommitdiff
path: root/modules/nixos/traits/cloudflared.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/traits/cloudflared.nix')
-rw-r--r--modules/nixos/traits/cloudflared.nix50
1 files changed, 0 insertions, 50 deletions
diff --git a/modules/nixos/traits/cloudflared.nix b/modules/nixos/traits/cloudflared.nix
deleted file mode 100644
index 5bff263..0000000
--- a/modules/nixos/traits/cloudflared.nix
+++ /dev/null
@@ -1,50 +0,0 @@
-{
- config,
- lib,
- secretsDir,
- ...
-}: let
- cfg = config.traits.cloudflared;
- inherit (config.services) nginx;
-in {
- options.traits.cloudflared = {
- enable = lib.mkEnableOption "cloudflared";
- manageSecrets =
- lib.mkEnableOption "automatic secrets management"
- // {
- default = config.traits.secrets.enable;
- };
- };
-
- config = lib.mkIf cfg.enable (
- lib.mkMerge [
- {
- services.cloudflared = {
- enable = true;
- tunnels = {
- "${config.networking.hostName}-nginx" =
- {
- default = "http_status:404";
-
- ingress = lib.genAttrs (builtins.attrNames nginx.virtualHosts) (
- _: {service = "http://localhost:${toString nginx.defaultHTTPListenPort}";}
- );
- }
- // lib.optionalAttrs cfg.manageSecrets {
- credentialsFile = config.age.secrets.cloudflaredCreds.path;
- };
- };
- };
- }
-
- (lib.mkIf cfg.manageSecrets {
- age.secrets.cloudflaredCreds = {
- file = secretsDir + "/cloudflaredCreds.age";
- mode = "400";
- owner = "cloudflared";
- group = "cloudflared";
- };
- })
- ]
- );
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 13:57:56 +0000