118 lines
2.7 KiB
Nix
118 lines
2.7 KiB
Nix
# Example usage of the reverse proxy utilities
|
|
{ lib, namespace, ... }:
|
|
let
|
|
inherit (lib.${namespace} - lib.reverseproxy)
|
|
mkReverseProxy
|
|
mkReverseProxies
|
|
templates
|
|
middlewares
|
|
urls
|
|
;
|
|
in
|
|
{
|
|
# Example 1: Simple reverse proxy for a local service
|
|
simpleProxy = mkReverseProxy {
|
|
name = "myapp";
|
|
subdomain = "myapp";
|
|
url = "http://127.0.0.1:3000";
|
|
};
|
|
|
|
# Example 2: Authenticated service with custom middlewares
|
|
authProxy = mkReverseProxy {
|
|
name = "admin-panel";
|
|
subdomain = "admin";
|
|
url = "http://127.0.0.1:8080";
|
|
middlewares = middlewares.authBasic;
|
|
};
|
|
|
|
# Example 3: Container-based service
|
|
containerProxy = mkReverseProxy {
|
|
name = "nextcloud";
|
|
subdomain = "cloud";
|
|
url = urls.container "nextcloud" 80;
|
|
middlewares = middlewares.basic;
|
|
};
|
|
|
|
# Example 4: Multiple proxies at once
|
|
multipleProxies = mkReverseProxies [
|
|
{
|
|
name = "grafana";
|
|
subdomain = "grafana";
|
|
url = urls.localhost 3000;
|
|
middlewares = middlewares.authBasic;
|
|
}
|
|
{
|
|
name = "prometheus";
|
|
subdomain = "prometheus";
|
|
url = urls.localhost 9090;
|
|
middlewares = middlewares.internal;
|
|
}
|
|
{
|
|
name = "alertmanager";
|
|
subdomain = "alerts";
|
|
url = urls.localhost 9093;
|
|
middlewares = middlewares.authBasic;
|
|
}
|
|
];
|
|
|
|
# Example 5: Using templates for common patterns
|
|
webappExample = templates.webapp {
|
|
name = "webapp";
|
|
subdomain = "app";
|
|
port = 8080;
|
|
};
|
|
|
|
authWebappExample = templates.authWebapp {
|
|
name = "secure-app";
|
|
subdomain = "secure";
|
|
port = 9000;
|
|
};
|
|
|
|
containerExample = templates.containerService {
|
|
name = "gitea";
|
|
subdomain = "git";
|
|
containerName = "gitea";
|
|
port = 3000;
|
|
};
|
|
|
|
internalExample = templates.internalService {
|
|
name = "internal-api";
|
|
subdomain = "api-internal";
|
|
port = 8000;
|
|
};
|
|
|
|
# Example 6: Custom domain and advanced configuration
|
|
customProxy = mkReverseProxy {
|
|
name = "custom-service";
|
|
subdomain = "custom";
|
|
url = "http://10.0.1.100:8080";
|
|
domain = "example.com";
|
|
priority = 20;
|
|
rule = "Host(`custom.example.com`) && PathPrefix(`/api`)";
|
|
middlewares = [
|
|
"crowdsec"
|
|
"whitelist-geoblock"
|
|
"rate-limit"
|
|
];
|
|
};
|
|
|
|
# Example usage in a Traefik configuration:
|
|
#
|
|
# mjallen.services.traefik = {
|
|
# enable = true;
|
|
# extraServices = multipleProxies.extraServices;
|
|
# extraRouters = multipleProxies.extraRouters;
|
|
# };
|
|
#
|
|
# Or for individual proxies:
|
|
#
|
|
# mjallen.services.traefik = {
|
|
# enable = true;
|
|
# extraServices = [ simpleProxy.service ];
|
|
# extraRouters = [{
|
|
# inherit (simpleProxy.router) subdomain entryPoints middlewares;
|
|
# service = simpleProxy.router.service;
|
|
# }];
|
|
# };
|
|
}
|