reverse proxy stuff

2025-09-09 20:41:37 -05:00
parent 6567bb1348
commit f58006cf8a
14 changed files with 433 additions and 27 deletions
--- a/lib/examples/reverseproxy.nix
+++ b/lib/examples/reverseproxy.nix
@@ -0,0 +1,113 @@
+# Example usage of the reverse proxy utilities
+{ inputs, lib, ... }:
+let
+  inherit (lib.mjallen-lib.reverseproxy)
+    mkReverseProxy
+    mkReverseProxies
+    templates
+    middlewares
+    urls
+    ;
+in
+{
+  # Example 1: Simple reverse proxy for a local service
+  simpleProxy = mkReverseProxy {
+    name = "myapp";
+    subdomain = "myapp";
+    url = "http://127.0.0.1:3000";
+  };
+
+  # Example 2: Authenticated service with custom middlewares
+  authProxy = mkReverseProxy {
+    name = "admin-panel";
+    subdomain = "admin";
+    url = "http://127.0.0.1:8080";
+    middlewares = middlewares.authBasic;
+  };
+
+  # Example 3: Container-based service
+  containerProxy = mkReverseProxy {
+    name = "nextcloud";
+    subdomain = "cloud";
+    url = urls.container "nextcloud" 80;
+    middlewares = middlewares.basic;
+  };
+
+  # Example 4: Multiple proxies at once
+  multipleProxies = mkReverseProxies [
+    {
+      name = "grafana";
+      subdomain = "grafana";
+      url = urls.localhost 3000;
+      middlewares = middlewares.authBasic;
+    }
+    {
+      name = "prometheus";
+      subdomain = "prometheus";
+      url = urls.localhost 9090;
+      middlewares = middlewares.internal;
+    }
+    {
+      name = "alertmanager";
+      subdomain = "alerts";
+      url = urls.localhost 9093;
+      middlewares = middlewares.authBasic;
+    }
+  ];
+
+  # Example 5: Using templates for common patterns
+  webappExample = templates.webapp {
+    name = "webapp";
+    subdomain = "app";
+    port = 8080;
+  };
+
+  authWebappExample = templates.authWebapp {
+    name = "secure-app";
+    subdomain = "secure";
+    port = 9000;
+  };
+
+  containerExample = templates.containerService {
+    name = "gitea";
+    subdomain = "git";
+    containerName = "gitea";
+    port = 3000;
+  };
+
+  internalExample = templates.internalService {
+    name = "internal-api";
+    subdomain = "api-internal";
+    port = 8000;
+  };
+
+  # Example 6: Custom domain and advanced configuration
+  customProxy = mkReverseProxy {
+    name = "custom-service";
+    subdomain = "custom";
+    url = "http://10.0.1.100:8080";
+    domain = "example.com";
+    priority = 20;
+    rule = "Host(`custom.example.com`) && PathPrefix(`/api`)";
+    middlewares = [ "crowdsec" "whitelist-geoblock" "rate-limit" ];
+  };
+
+  # Example usage in a Traefik configuration:
+  # 
+  # mjallen.services.traefik = {
+  #   enable = true;
+  #   extraServices = multipleProxies.extraServices;
+  #   extraRouters = multipleProxies.extraRouters;
+  # };
+  #
+  # Or for individual proxies:
+  #
+  # mjallen.services.traefik = {
+  #   enable = true;
+  #   extraServices = [ simpleProxy.service ];
+  #   extraRouters = [{
+  #     inherit (simpleProxy.router) subdomain entryPoints middlewares;
+  #     service = simpleProxy.router.service;
+  #   }];
+  # };
+}