really loving clan!

2026-04-02 17:24:18 +02:00 · 2026-04-02 17:24:18 +02:00 · d60d4badf3
commit d60d4badf3
parent a8a639db6e
15 changed files with 474 additions and 81 deletions
--- a/clanServices/gateway/README.md
+++ b/clanServices/gateway/README.md
--- a/clanServices/gateway/default.nix
+++ b/clanServices/gateway/default.nix
@ -0,0 +1,94 @@
+{
+  lib,
+  clanLib,
+  exports,
+  ...
+}: let
+  inherit (builtins) toString;
+in {
+  _class = "clan.service";
+  manifest = {
+    name = "arda/gateway";
+    description = ''
+    '';
+    readme = builtins.readFile ./README.md;
+    exports = {
+      inputs = [];
+      out = [];
+    };
+  };
+
+  roles.default = {
+    description = '''';
+
+    interface = {lib, ...}: let
+      inherit (lib) mkOption types;
+    in {
+      options = {
+        driver = mkOption {
+          type = types.enum ["caddy" "nginx"];
+        };
+
+        hosts = mkOption {
+          type = types.attrsOf types.str;
+          default = {};
+        };
+      };
+    };
+
+    perInstance = {
+      mkExports,
+      machine,
+      settings,
+      ...
+    }: let
+      reverse_proxies =
+        exports
+        |> clanLib.selectExports (_scope: true)
+        |> lib.mapAttrsToList (_: value: (value.gateway.services or {}) |> lib.attrValues)
+        |> lib.concatLists
+        |> lib.map ({
+          name,
+          protocol,
+          host,
+          port,
+        }: {
+          name = "${name}.${machine.name}.arda";
+          value = {
+            extraConfig = ''
+              reverse_proxy ${protocol}://${host}:${toString port}
+            '';
+          };
+        })
+        |> lib.listToAttrs;
+    in {
+      # exports =
+      #   mkExports {
+      #   };
+
+      nixosModule = {
+        lib,
+        pkgs,
+        ...
+      }: let
+        inherit (lib) mkMerge mkIf;
+
+        caddyPackage = pkgs.caddy.withPlugins {
+          plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"];
+          hash = "sha256-pSXjLaZoRtKV3eFl2ySRSjl3yxi514G1Cb7pfrpxxtE=";
+        };
+      in {
+        config = mkMerge [
+          (lib.mkIf (settings.driver == "caddy") {
+            services.caddy = {
+              enable = true;
+              package = caddyPackage;
+
+              virtualHosts = reverse_proxies // {};
+            };
+          })
+        ];
+      };
+    };
+  };
+}
--- a/clanServices/gateway/flake-module.nix
+++ b/clanServices/gateway/flake-module.nix
@ -0,0 +1,13 @@
+{...}: let
+  module = ./default.nix;
+in {
+  clan.modules.gateway = module;
+
+  # perSystem = {...}: {
+  #   clan.nixosTests.gateway = {
+  #     imports = [];
+
+  #     clan.modules."@arda/gateway" = module;
+  #   };
+  # };
+}