Use stable channel and use helper function for acme challenge proxy

2023-10-10 15:21:16 +02:00 · 2023-10-10 15:21:16 +02:00 · 8f63afc43b
commit 8f63afc43b
parent 15963fd37e
21 changed files with 257 additions and 319 deletions
--- a/config/hosts/web-public-2/virtualHosts/acme-challenge.nix
+++ b/config/hosts/web-public-2/virtualHosts/acme-challenge.nix
@ -1,68 +1,23 @@
 { ... }:
-{
-  services.nginx.virtualHosts = {
-    "jellyfin.grzb.de" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://jellyfin.vs.grzb.de:80";
-      };
-    };
-    "mail-1.grzb.de" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://mail-1.vs.grzb.de:80";
-      };
-    };
-    "mastodon.nekover.se" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://mastodon.vs.grzb.de:80";
-      };
-    };
-    "matrix.nekover.se" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://matrix.vs.grzb.de:80";
-      };
-    };
-    "netbox.grzb.de" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://netbox.vs.grzb.de:80";
-      };
-    };
-    "grafana.grzb.de" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://metrics.vs.grzb.de:80";
-      };
-    };
-    "turn.nekover.se" = {
-      listen = [{ 
-        addr = "0.0.0.0";
-        port = 80;
-      }];
-      locations."^~ /.well-known/acme-challenge/" = {
-        proxyPass = "http://coturn.vs.grzb.de:80";
-      };
-    };
+let
+  acmeDomainMap = {
+    "jellyfin.grzb.de" = "jellyfin.vs.grzb.de";
+    "mail-1.grzb.de" = "mail-1.vs.grzb.de";
+    "social.nekover.se" = "mastodon.vs.grzb.de";
+    "matrix.nekover.se" = "matrix.vs.grzb.de";
+    "netbox.grzb.de" = "netbox.vs.grzb.de";
+    "grafana.grzb.de" = "metrics.vs.grzb.de";
+    "turn.nekover.se" = "coturn.vs.grzb.de";
  };
+in
+{
+  services.nginx.virtualHosts = (builtins.mapAttrs (domain: target: {
+    listen = [{ 
+      addr = "0.0.0.0";
+      port = 80;
+    }];
+    locations."^~ /.well-known/acme-challenge/" = {
+      proxyPass = "http://${target}:80";
+    };
+  }) acmeDomainMap);
 }