nix-config/lib/examples/reverseproxy.nix

# Example usage of the reverse proxy utilities
{ inputs, lib, ... }:
let
  inherit (lib.mjallen-lib.reverseproxy)
    mkReverseProxy
    mkReverseProxies
    templates
    middlewares
    urls
    ;
in
{
  # Example 1: Simple reverse proxy for a local service
  simpleProxy = mkReverseProxy {
    name = "myapp";
    subdomain = "myapp";
    url = "http://127.0.0.1:3000";
  };

  # Example 2: Authenticated service with custom middlewares
  authProxy = mkReverseProxy {
    name = "admin-panel";
    subdomain = "admin";
    url = "http://127.0.0.1:8080";
    middlewares = middlewares.authBasic;
  };

  # Example 3: Container-based service
  containerProxy = mkReverseProxy {
    name = "nextcloud";
    subdomain = "cloud";
    url = urls.container "nextcloud" 80;
    middlewares = middlewares.basic;
  };

  # Example 4: Multiple proxies at once
  multipleProxies = mkReverseProxies [
    {
      name = "grafana";
      subdomain = "grafana";
      url = urls.localhost 3000;
      middlewares = middlewares.authBasic;
    }
    {
      name = "prometheus";
      subdomain = "prometheus";
      url = urls.localhost 9090;
      middlewares = middlewares.internal;
    }
    {
      name = "alertmanager";
      subdomain = "alerts";
      url = urls.localhost 9093;
      middlewares = middlewares.authBasic;
    }
  ];

  # Example 5: Using templates for common patterns
  webappExample = templates.webapp {
    name = "webapp";
    subdomain = "app";
    port = 8080;
  };

  authWebappExample = templates.authWebapp {
    name = "secure-app";
    subdomain = "secure";
    port = 9000;
  };

  containerExample = templates.containerService {
    name = "gitea";
    subdomain = "git";
    containerName = "gitea";
    port = 3000;
  };

  internalExample = templates.internalService {
    name = "internal-api";
    subdomain = "api-internal";
    port = 8000;
  };

  # Example 6: Custom domain and advanced configuration
  customProxy = mkReverseProxy {
    name = "custom-service";
    subdomain = "custom";
    url = "http://10.0.1.100:8080";
    domain = "example.com";
    priority = 20;
    rule = "Host(`custom.example.com`) && PathPrefix(`/api`)";
    middlewares = [ "crowdsec" "whitelist-geoblock" "rate-limit" ];
  };

  # Example usage in a Traefik configuration:
  # 
  # mjallen.services.traefik = {
  #   enable = true;
  #   extraServices = multipleProxies.extraServices;
  #   extraRouters = multipleProxies.extraRouters;
  # };
  #
  # Or for individual proxies:
  #
  # mjallen.services.traefik = {
  #   enable = true;
  #   extraServices = [ simpleProxy.service ];
  #   extraRouters = [{
  #     inherit (simpleProxy.router) subdomain entryPoints middlewares;
  #     service = simpleProxy.router.service;
  #   }];
  # };
}